Merge pull request #812 from projectdiscovery/wp-tags

Added tags to wordpress templates
patch-1
PD-Team 2021-02-05 14:59:01 +05:30 committed by GitHub
commit 8ac2595eff
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
20 changed files with 21 additions and 2 deletions


@ -13,6 +13,7 @@ info:
Source/References:
- https://github.com/GeneralEG/CVE-2019-15858
tags: wordpress,wp-pluing
requests:
- method: GET
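Review bot: The tag on the `tags:` line here is spelled `wp-pluing`, which looks like a typo for `wp-plugin`. Nuclei selects templates by exact tag match, so a scan run with `-tags wp-plugin` would silently skip this template and leave a coverage gap. The same spelling recurs in the W3 Total Cache, social-warfare, Easy WP SMTP, Sassy Social Share, W3C Total Cache SSRF, emails-verification-for-woocommerce, Social Metrics Tracker, ThemeMarkers, Wordfence and WP Courses sections. Suggest `tags: wordpress,wp-plugin` here and the same correction in the others. The `info:` block starts and the `requests:` block continues outside the hunk.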


@ -5,6 +5,7 @@ info:
author: randomrobbie
severity: high
description: W3 Total Cache 0.9.2.6-0.9.3 - Unauthenticated Arbitrary File Read / SSRF
tags: wordpress,wp-pluing,ssrf
requests:
- raw:


@ -4,6 +4,7 @@ info:
name: WordPress social-warfare RFI
author: madrobot & dwisiswant0
severity: critical
tags: wordpress,wp-pluing,ssrf
# Reference:- https://github.com/mpgn/CVE-2019-9978
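Review bot: The `ssrf` tag in `tags: wordpress,wp-pluing,ssrf` does not match the template name, which describes a remote file inclusion; it may have been carried over from the W3 Total Cache template that precedes it on this page. A scan filtered by `ssrf` would run this check under the wrong class, while a filter for file-inclusion issues would miss a critical-severity template. Consider `tags: wordpress,wp-plugin,rfi`. Since the reference comment names CVE-2019-9978, a `cve` tag would probably be useful as well, if the project tags CVE templates that way.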


@ -5,6 +5,7 @@ info:
author: PR3R00T
severity: high
reference: "https://blog.nintechnet.com/wordpress-easy-wp-smtp-plugin-fixed-zero-day-vulnerability/"
tags: wordpress,wp-pluing
requests:
- method: GET


@ -5,7 +5,7 @@ info:
author: Random-Robbie
severity: medium
description: Sassy Social Share <= 3.3.3 - Cross-Site Scripting (XSS)
tags: wordpress,wp-pluing
requests:
- method: GET
path:
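Review bot: The `tags:` line omits the vulnerability class although the description names Cross-Site Scripting. The Wordfence template in this commit carries `xss`, so a scan filtered by `xss` would find that one and miss this one. Suggest `tags: wordpress,wp-plugin,xss`. The W3C Total Cache SSRF section has the same gap: its name says SSRF but its tags are only `wordpress,wp-pluing`, whereas the W3 Total Cache file-read template is tagged `ssrf`.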


@ -3,6 +3,7 @@ info:
name: Wordpress W3C Total Cache SSRF <= 0.9.4
author: random-robbie
severity: medium
tags: wordpress,wp-pluing
# Reference
# https://wpvulndb.com/vulnerabilities/8644


@ -3,6 +3,8 @@ info:
name: WordPress accessible wp-config
author: Kiblyn11 & zomsop82 & madrobot & geeknik
severity: high
tags: wordpress,backups
requests:
- method: GET
path:


@ -4,6 +4,7 @@ info:
name: WordPress DB Backup
author: dwisiswant0
severity: medium
tags: wordpress,backups
requests:
- method: GET


@ -4,6 +4,7 @@ info:
name: WordPress debug log
author: geraldino2 & @dwisiswant0
severity: low
tags: wordpress,logs
requests:
- method: GET


@ -4,6 +4,7 @@ info:
name: Wordpress directory listing
author: Manas_Harsh
severity: info
tags: wordpress
requests:
- method: GET


@ -3,7 +3,7 @@ info:
name: wordpress-emails-verification-for-woocommerce
author: random-robbie
severity: critical
tags: wordpress,wp-pluing
# Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass
# https://wpvulndb.com/vulnerabilities/10318


@ -4,6 +4,7 @@ info:
name: WordPress Emergency Script
author: dwisiswant0
severity: info
tags: wordpress
# Ref:-
# https://wordpress.org/support/article/resetting-your-password/#using-the-emergency-password-reset-script


@ -4,6 +4,7 @@ info:
name: WordPress Installer Log
author: dwisiswant0
severity: info
tags: wordpress,logs
requests:
- method: GET


@ -4,6 +4,7 @@ info:
name: Social Metrics Tracker <= 1.6.8 - Unauthorised Data Export
author: randomrobbie
severity: medium
tags: wordpress,wp-pluing
requests:
- method: GET


@ -4,6 +4,7 @@ info:
name: WordPress ThemeMarkers DB Migration File
author: dwisiswant0
severity: info
tags: wordpress,wp-pluing,backups
requests:
- method: GET


@ -4,6 +4,7 @@ info:
name: Wordpress user enumeration
author: Manas_Harsh
severity: info
tags: wordpress
requests:
- method: GET


@ -4,6 +4,7 @@ info:
name: WordPress Wordfence 7.4.6 Cross Site Scripting
author: madrobot
severity: medium
tags: wordpress,wp-pluing,xss
requests:
- method: GET


@ -5,6 +5,7 @@ info:
author: dwisiswant0
severity: high
description: Critical Information Disclosure on WP Courses plugin < 2.0.29 exposes private course videos and materials
tags: wordpress,wp-pluing
# References:
# - [1] https://www.exploit-db.com/exploits/48910


@ -4,6 +4,7 @@ info:
name: WordPress user registration enabled
author: Ratnadip Gajbhiye
severity: info
tags: wordpress
requests:
- method: GET


@ -4,6 +4,7 @@ info:
name: WordPress xmlrpc
author: udit_thakkur
severity: info
tags: wordpress
requests:
- method: GET