Create CVE-2019-15858.yaml

2020-12-02 10:55:57 +05:30 · 2020-12-02 10:55:57 +05:30 · 950d3e4f24
parent 97a3321346
commit 950d3e4f24
1 changed files with 37 additions and 0 deletions
--- a/cves/CVE-2019-15858.yaml
+++ b/cves/CVE-2019-15858.yaml
@ -0,0 +1,37 @@
+id: cve-2019-15858
+
+info:
+  name: Unauthenticated Woody Ad Snippets WordPress Plugin RCE
+  author: dwisiswant0 & fmunozs & patralos
+  severity: high
+  description: |
+    This template supports the detection part only. See references.
+
+    admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin
+    before 2.2.5 for WordPress allows unauthenticated options import,
+    as demonstrated by storing an XSS payload for remote code execution.
+
+    Source/References:
+    - https://github.com/GeneralEG/CVE-2019-15858
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/insert-php/readme.txt"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "2.2.5"
+        part: body
+        negative: true
+
+      - type: word
+        words:
+          - "text/plain"
+        part: header