daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2022-2034.yaml

patch-1
Ritik Chaddha 2022-11-30 14:25:47 +05:30 committed by GitHub
parent f2a8f93e5f
commit cb1c230e28
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
cves/2022/CVE-2022-2034.yaml
View File

@ -13,26 +13,31 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2022-2034
classification:
cve-id: CVE-2022-2034
tags: cve,cve2022,wordpress,wp-plugin,wp
metadata:
verified: true
tags: cve,cve2022,wordpress,wp-plugin,wp,disclosure,sensei-lms
requests:
- method: GET
path:
- "{{BaseURL}}/wp-json/wp/v2/sensei-messages/"
- "{{BaseURL}}/wp-json/wp/v2/sensei-messages/0"
matchers-condition: and
matchers:
- type: regex
- type: word
part: body
words:
- 'message":"Invalid post ID.'
- 'guid":{"rendered":'
condition: or
- type: word
part: header
regex:
- '(?i)Location: http(s|):\/\/[\w\.\-]+\/sensei-messages\/\w+'
words:
- application/json
- type: status
status:
- 301
extractors:
- type: regex
part: header
regex:
- 'sensei-messages\/\w+'
- 404
- 200
condition: or