Create elementorpage-open-redirect.yaml
parent
19ef16c195
commit
e815bdc1b6
|
@ -0,0 +1,20 @@
|
|||
id: elementorpage-open-redirect
|
||||
|
||||
info:
|
||||
name: The Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect
|
||||
author: dhiyaneshDk
|
||||
severity: medium
|
||||
description: The plugin did not validate a redirect parameter on a specifically crafted URL before redirecting the user to it, leading to an Open Redirect issue.
|
||||
reference: https://wpscan.com/vulnerability/fd4352ad-dae0-4404-94d1-11083cb1f44d
|
||||
tags: wordpress,redirect,wp-plugin,elementor
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/wp-login.php?action=theplusrp&key=&redirecturl=http://attacker.com&forgoturl=http://attacker.com&login=john"
|
||||
|
||||
matchers:
|
||||
- type: regex
|
||||
regex:
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:http?://|//)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com.*$'
|
||||
part: header
|
Loading…
Reference in New Issue