Merge pull request #3032 from r3dg33k/wordpress-rdf-user-enum

wordpress-rdf-user-enum

vulnerabilities/wordpress/rdf-user-enumeration.yaml

@@ -0,0 +1,39 @@
+id: rdf-user-enumeration
+
+info:
+  name: Wordpress RDF User Enumeration
+  author: r3dg33k
+  severity: info
+  tags: wordpress
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/feed/rdf'
+    redirects: true
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        part: header
+        words:
+          - "application/rdf+xml"
+
+      - type: word
+        part: body
+        words:
+          - "<rdf:RDF"
+          - "<dc:creator>"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<dc:creator><!\[CDATA\[([a-z]+)\]\]><\/dc:creator>'