Adding tags to vulnerabilities and workflows

2021-02-12 11:23:01 +05:30 · 2021-02-12 11:23:01 +05:30 · ec7a29957d
parent 16f23c84be
commit ec7a29957d
81 changed files with 106 additions and 35 deletions
--- a/vulnerabilities/generic/basic-cors.yaml
+++ b/vulnerabilities/generic/basic-cors.yaml
@ -4,6 +4,7 @@ info:
  name: Basic CORS misconfiguration
  author: nadino
  severity: low
+  tags: cors

 requests:
  - method: GET
--- a/vulnerabilities/generic/basic-xss-prober.yaml
+++ b/vulnerabilities/generic/basic-xss-prober.yaml
@ -4,6 +4,7 @@ info:
  name: Basic XSS Prober
  author: nadino & geeknik
  severity: low
+  tags: xss

  # Basic XSS prober
  # Manual testing needed for exploitation
--- a/vulnerabilities/generic/crlf-injection.yaml
+++ b/vulnerabilities/generic/crlf-injection.yaml
@ -5,6 +5,7 @@ info:
  author: melbadry9 & nadino & xElkomy
  severity: low
  description: Improper sanitization of CRLF sequences.
+  tags: crlf

 requests:
  - method: GET
--- a/vulnerabilities/generic/top-xss-params.yaml
+++ b/vulnerabilities/generic/top-xss-params.yaml
@ -11,6 +11,7 @@ info:
  severity: medium
  #  Description optionally describes the template.
  description: Searches for reflected XSS in the server response via GET-requests.
+  tags: xss

 requests:
  - method: GET
--- a/vulnerabilities/generic/url-redirect.yaml
+++ b/vulnerabilities/generic/url-redirect.yaml
@ -5,6 +5,7 @@ info:
  author: melbadry9 & Elmahdi & @pxmme1337 & @Regala_ & @andirrahmani1 & geeknik
  severity: low
  description: A user-controlled input redirect users to an external website.
+  tags: redirect

 requests:
  - method: GET
--- a/vulnerabilities/ibm/eclipse-help-system-xss.yaml
+++ b/vulnerabilities/ibm/eclipse-help-system-xss.yaml
@ -4,8 +4,7 @@ info:
  name: Eclipse Help System RXSS vulnerability
  author: pikpikcu
  severity: medium
-
-  # Source:- https://github.com/pikpikcu/nuclei-templates/blob/master/vulnerabilities/eclipse-xss.yaml
+  tags: ibm,xss

 requests:
  - method: GET
--- a/vulnerabilities/ibm/ibm-infoprint-directory-traversal.yaml
+++ b/vulnerabilities/ibm/ibm-infoprint-directory-traversal.yaml
@ -5,8 +5,8 @@ info:
  author: Harsh Bothra
  severity: medium
  description: Directory traversal vulnerability on IBM InfoPrint 4247-Z03 Impact Matrix Printer.
-
-  # reference: https://www.exploit-db.com/exploits/47835
+  reference: https://www.exploit-db.com/exploits/47835
+  tags: ibm,lfi

 requests:
  - method: GET
--- a/vulnerabilities/jenkins/jenkins-asyncpeople.yaml
+++ b/vulnerabilities/jenkins/jenkins-asyncpeople.yaml
@ -4,6 +4,7 @@ info:
  name: Jenkins panel async-people
  author: nadino
  severity: info
+  tags: jenkins

 requests:
  - method: GET
--- a/vulnerabilities/jenkins/jenkins-stack-trace.yaml
+++ b/vulnerabilities/jenkins/jenkins-stack-trace.yaml
@ -6,6 +6,7 @@ info:
  severity: low
  description: Module identified that the affected host is running an instance of Jenkins in debug mode, as a result stack traces are enabled.
  reference: https://hackerone.com/reports/221833
+  tags: jenkins

 requests:
  - method: GET
--- a/vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml
+++ b/vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml
@ -4,6 +4,7 @@ info:
  name: Unauthenticated Jenkin Dashboard
  author: dhiyaneshDK
  severity: high
+  tags: jenkins

 requests:
  - method: GET
--- a/vulnerabilities/jira/jira-service-desk-signup.yaml
+++ b/vulnerabilities/jira/jira-service-desk-signup.yaml
@ -4,6 +4,7 @@ info:
  name: Jira Service Desk Signup
  author: TechbrunchFR
  severity: medium
+  tags: jira,atlassian

 requests:
  - method: POST
--- a/vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml
+++ b/vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml
@ -5,6 +5,7 @@ info:
  author: madrobot
  severity: high
  description: Local file inclusion on Moodle.
+  tags: moodle,lfi

 requests:
  - method: GET
--- a/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
+++ b/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
@ -5,6 +5,7 @@ info:
  author: madrobot
  severity: medium
  description: Cross-site scripting on Moodle.
+  tags: moodle,xss

 requests:
  - method: GET
--- a/vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml
+++ b/vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml
@ -2,8 +2,9 @@ id: oracle-ebs-bispgrapgh-file-read

 info:
  name: Oracle EBS Bispgraph File Access
-  author: "@emenalf & @tirtha_mandal"
+  author: emenalf & tirtha_mandal
  severity: critical
+  tags: moodle,lfi

 requests:
  - method: GET
--- a/vulnerabilities/other/CNVD-2020-62422.yaml
+++ b/vulnerabilities/other/CNVD-2020-62422.yaml
@ -5,6 +5,7 @@ info:
  author: pikpikcu
  severity: medium
  reference: https://blog.csdn.net/m0_46257936/article/details/113150699
+  tags: lfi

 requests:
  - method: GET
--- a/vulnerabilities/other/acme-xss.yaml
+++ b/vulnerabilities/other/acme-xss.yaml
@ -4,6 +4,7 @@ info:
  name: ACME / Let's Encrypt Reflected XSS
  author: pd-team
  severity: low
+  tags: xss,acme

 requests:
  - method: GET
--- a/vulnerabilities/other/aspnuke-openredirect.yaml
+++ b/vulnerabilities/other/aspnuke-openredirect.yaml
@ -4,6 +4,7 @@ info:
  name: ASP-Nuke Open Redirect
  author: pd-team
  severity: low
+  tags: aspnuke,redirect

 requests:
  - method: GET
--- a/vulnerabilities/other/bullwark-momentum-lfi.yaml
+++ b/vulnerabilities/other/bullwark-momentum-lfi.yaml
@ -4,6 +4,7 @@ info:
  name: Bullwark Momentum Series JAWS 1.0 - Directory Traversal
  author: pikpikcu
  severity: high
+  tags: bullwark,lfi

 # Refrence:-https://www.exploit-db.com/exploits/47773
 # Vendor Homepage: http://www.bullwark.net/
--- a/vulnerabilities/other/cached-aem-pages.yaml
+++ b/vulnerabilities/other/cached-aem-pages.yaml
@ -4,7 +4,7 @@ info:
  name: Invalidate / Flush Cached Pages on AEM
  author: hetroublemakr
  severity: low
-  description: todo
+  tags: aem

  # reference: https://twitter.com/AEMSecurity

--- a/vulnerabilities/other/chamilo-lms-xss.yaml
+++ b/vulnerabilities/other/chamilo-lms-xss.yaml
@ -5,6 +5,7 @@ info:
  author: geeknik
  severity: medium
  description: https://www.netsparker.com/web-applications-advisories/ns-21-001-cross-site-scripting-in-chamilo-lms/
+  tags: xss,chamilo

 requests:
  - method: GET
--- a/vulnerabilities/other/couchdb-adminparty.yaml
+++ b/vulnerabilities/other/couchdb-adminparty.yaml
@ -5,6 +5,7 @@ info:
  author: organiccrap
  severity: high
  description: Requests made against CouchDB is done in the context of an admin user.
+  tags: couchdb

 requests:
  - method: GET
--- a/vulnerabilities/other/discourse-xss.yaml
+++ b/vulnerabilities/other/discourse-xss.yaml
@ -5,6 +5,7 @@ info:
  author: madrobot
  severity: medium
  description: Cross-site scripting (XSS) on Discourse CMS
+  tags: xss,discourse

 requests:
  - method: GET
@ -15,7 +16,13 @@ requests:
      - type: status
        status:
          - 200
+
      - type: word
        words:
          - "<svg/onload=alert(1337)>"
        part: body
+
+      - type: word
+        words:
+          - "text/html"
+        part: header
--- a/vulnerabilities/other/dlink-850L-info-leak.yaml
+++ b/vulnerabilities/other/dlink-850L-info-leak.yaml
@ -5,6 +5,7 @@ info:
  author: pikpikcu
  severity: info
  reference: https://xz.aliyun.com/t/2941
+  tags: dlink

 requests:
  - method: POST
--- a/vulnerabilities/other/keycloak-xss.yaml
+++ b/vulnerabilities/other/keycloak-xss.yaml
@ -5,6 +5,7 @@ info:
  author: incogbyte
  severity: medium
  reference: https://cure53.de/pentest-report_keycloak.pdf
+  tags: keycloak,xss

 requests:
  - raw:
--- a/vulnerabilities/other/mcafee-epo-rce.yaml
+++ b/vulnerabilities/other/mcafee-epo-rce.yaml
@ -14,6 +14,7 @@ info:

    References:
    - https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
+  tags: mcafee,rce

 requests:
  - method: GET
--- a/vulnerabilities/other/microstrategy-ssrf.yaml
+++ b/vulnerabilities/other/microstrategy-ssrf.yaml
@ -4,7 +4,8 @@ info:
  author: organiccrap
  severity: high
  description: Blind server-side request forgery vulnerability on MicroStrategy URL shortener.
-  # reference: https://medium.com/@win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204
+  reference: https://medium.com/@win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204
+  tags: microstrategy,ssrf

 requests:
  - method: GET
--- a/vulnerabilities/other/mida-eframework-xss.yaml
+++ b/vulnerabilities/other/mida-eframework-xss.yaml
@ -4,6 +4,7 @@ info:
  name: Mida eFramework - Cross Site Scripting
  author: pikpikcu
  severity: medium
+  tags: mida,xss

 requests:
  - raw:
--- a/vulnerabilities/other/nginx-module-vts-xss.yaml
+++ b/vulnerabilities/other/nginx-module-vts-xss.yaml
@ -4,7 +4,7 @@ info:
  name: Nginx virtual host traffic status module XSS
  author: madrobot
  severity: medium
-  description: todo
+  tags: nginx,xss

 requests:
  - method: GET
@ -16,7 +16,13 @@ requests:
      - type: status
        status:
          - 200
+
      - type: word
        words:
          - "<script>alert(31337)</script>"
        part: body
+
+      - type: word
+        words:
+          - "text/html"
+        part: header
--- a/vulnerabilities/other/nuuo-nvrmini2-rce.yaml
+++ b/vulnerabilities/other/nuuo-nvrmini2-rce.yaml
@ -4,6 +4,7 @@ info:
  name: NUUO NVRmini2 3.0.8 - Remote Code Execution
  author: berkdusunur
  severity: critical
+  tags: rce

  # Reference:-
  # https://www.exploit-db.com/exploits/45070
--- a/vulnerabilities/other/pdf-signer-ssti-to-rce.yaml
+++ b/vulnerabilities/other/pdf-signer-ssti-to-rce.yaml
@ -4,7 +4,7 @@ info:
  name: PDF Signer v3.0 - SSTI to RCE via CSRF Cookie
  author: madrobot
  severity: high
-  description: todo
+  tags: ssti,rce

 requests:
  - method: GET
--- a/vulnerabilities/other/rce-shellshock-user-agent.yaml
+++ b/vulnerabilities/other/rce-shellshock-user-agent.yaml
@ -4,7 +4,7 @@ info:
  name: Remote Code Execution Via (User-Agent)
  author: 0xelkomy
  severity: high
- description: todo
+  tags: shellshock,rce

 requests:
 - method: GET
--- a/vulnerabilities/other/rce-via-java-deserialization.yaml
+++ b/vulnerabilities/other/rce-via-java-deserialization.yaml
@ -3,7 +3,8 @@ info:
  name: Java Deserialization [RCE]
  author: uhnysh
  severity: critical
-  description: todo
+  tags: java,rce
+
  # This can only be used to detect the vuln, please make sure to run ysoserial over the URLs to verify.

 requests:
--- a/vulnerabilities/other/rconfig-rce.yaml
+++ b/vulnerabilities/other/rconfig-rce.yaml
@ -4,6 +4,7 @@ info:
  name: rConfig 3.9.5 - Remote Code Execution
  author: dwisiswant0
  severity: high
+  tags: rconfig,rce

  # This template supports the user creation part only.
  # To triggering an RCE, see references[2].
--- a/vulnerabilities/other/sangfor-edr-rce.yaml
+++ b/vulnerabilities/other/sangfor-edr-rce.yaml
@ -5,6 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://www.cnblogs.com/0day-li/p/13650452.html
+  tags: rce

 requests:
  - method: POST
--- a/vulnerabilities/other/sick-beard-xss.yaml
+++ b/vulnerabilities/other/sick-beard-xss.yaml
@ -1,13 +1,14 @@
 id: sick-beard-xss

-# Vendor Homepage: https://sickbeard.com/
-# Software Link: https://github.com/midgetspy/Sick-Beard
-# shodan dork: sickbeard
-
 info:
  name: Sick Beard XSS
  author: pikpikcu
  severity: medium
+  tags: xss
+
+# Vendor Homepage: https://sickbeard.com/
+# Software Link: https://github.com/midgetspy/Sick-Beard
+# shodan dork: sickbeard

 requests:
  - method: GET
--- a/vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml
+++ b/vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml
@ -7,6 +7,7 @@ info:
  reference: |
      - https://twitter.com/chybeta/status/1353974652540882944
      - https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/
+  tags: shellshock,sonicwall,rce,vpn

 requests:
  - raw:
--- a/vulnerabilities/other/symantec-messaging-gateway.yaml
+++ b/vulnerabilities/other/symantec-messaging-gateway.yaml
@ -5,6 +5,7 @@ info:
  author: Random-Robbie
  severity: medium
  description: Symantec Messaging Gateway <= 10.6.1 Directory Traversal
+  tags: lfi

 requests:
  - method: GET
--- a/vulnerabilities/other/thinkific-redirect.yaml
+++ b/vulnerabilities/other/thinkific-redirect.yaml
@ -4,6 +4,7 @@ info:
  name: Open Redirect vulnerability on thinkific websites
  author: Gal Nagli
  severity: Medium
+  tags: redirect


 requests:
--- a/vulnerabilities/other/tikiwiki-reflected-xss.yaml
+++ b/vulnerabilities/other/tikiwiki-reflected-xss.yaml
@ -4,7 +4,7 @@ info:
  name: Tiki Wiki CMS Groupware 5.2 Reflected Cross-site Scripting
  author: madrobot
  severity: medium
-  description: todo
+  tags: xss

 requests:
  - method: GET
--- a/vulnerabilities/other/twig-php-ssti.yaml
+++ b/vulnerabilities/other/twig-php-ssti.yaml
@ -4,6 +4,7 @@ info:
  name: Twig PHP <2.4.4 template engine - SSTI
  author: madrobot
  severity: high
+  tags: php,ssti

 requests:
  - method: GET
--- a/vulnerabilities/other/vpms-auth-bypass.yaml
+++ b/vulnerabilities/other/vpms-auth-bypass.yaml
@ -4,9 +4,7 @@ info:
  name: Vehicle Parking Management System 1.0 - Authentication Bypass
  author: dwisiswant0
  severity: high
-
-  # References:
-  # - https://www.exploit-db.com/exploits/48877
+  reference: https://www.exploit-db.com/exploits/48877

 requests:
  - raw:
--- a/vulnerabilities/other/wems-manager-xss.yaml
+++ b/vulnerabilities/other/wems-manager-xss.yaml
@ -4,6 +4,7 @@ info:
  name: WEMS Enterprise Manager XSS
  author: pikpikcu
  severity: medium
+  tags: xss

  # Source
  # https://packetstormsecurity.com/files/155777/WEMS-Enterprise-Manager-2.58-Cross-Site-Scripting.html
--- a/vulnerabilities/other/wooyun-path-traversal.yaml
+++ b/vulnerabilities/other/wooyun-path-traversal.yaml
@ -9,6 +9,7 @@ info:
        A general document of UFIDA ERP-NC contains a vulnerability
        (affecting a large number of well-known school government and enterprise cases
        such as COFCO/Minsheng E-commerce/Tsinghua University/Aigo)
+  tags: lfi

 requests:
  - method: GET
--- a/vulnerabilities/other/yarn-resourcemanager-rce.yaml
+++ b/vulnerabilities/other/yarn-resourcemanager-rce.yaml
@ -4,6 +4,7 @@ info:
  name: Apache Yarn ResourceManager RCE
  author: pd-team
  severity: low
+  tags: apache,rce

 requests:
  - method: POST
--- a/vulnerabilities/other/zms-auth-bypass.yaml
+++ b/vulnerabilities/other/zms-auth-bypass.yaml
@ -4,9 +4,7 @@ info:
  name: Zoo Management System 1.0 - Authentication Bypass
  author: dwisiswant0
  severity: high
-
-  # References:
-  # - https://www.exploit-db.com/exploits/48880
+  refernce: https://www.exploit-db.com/exploits/48880

 requests:
  - raw:
--- a/vulnerabilities/rails/rails6-xss.yaml
+++ b/vulnerabilities/rails/rails6-xss.yaml
@ -4,6 +4,7 @@ info:
  author: 'ooooooo_q (Original finder), Rahul and Harsh (Template author)'
  severity: medium
  reference: https://hackerone.com/reports/904059
+  tags: rails,xss

  #  XSS (6.0.0 < rails < 6.0.3.2); Payload is location=%0djavascript:alert(1);
  #  Nuclei has issues with 302 response missing a Location header thus the
--- a/vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
+++ b/vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
@ -5,6 +5,7 @@ info:
  author: dwisiswant0
  severity: high
  description: todo
+  tags: springboot,jolokia,xxe

 requests:
  - method: GET
--- a/vulnerabilities/springboot/springboot-h2-db-rce.yaml
+++ b/vulnerabilities/springboot/springboot-h2-db-rce.yaml
@ -4,6 +4,7 @@ info:
  name: Spring Boot H2 Database RCE
  author: dwisiswant0
  severity: critical
+  tags: springboot,rce

  # Payload taken from @pyn3rd (Twitter), see reference[2].

--- a/vulnerabilities/thinkcmf/thinkcmf-rce.yaml
+++ b/vulnerabilities/thinkcmf/thinkcmf-rce.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: critical
  reference: https://www.freebuf.com/vuls/217586.html
-  tags: thinkcmf,lfi
+  tags: thinkcmf,rce

 requests:
  - method: GET
--- a/vulnerabilities/thinkphp/thinkphp-2-rce.yaml
+++ b/vulnerabilities/thinkphp/thinkphp-2-rce.yaml
@ -6,6 +6,7 @@ info:
  severity: critical
  description: ThinkPHP 2.x version and 3.0 in Lite mode Remote Code Execution.
  reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/2-rce
+  tags: thinkphp,rce

 requests:
  - method: GET
--- a/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml
+++ b/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml
@ -6,6 +6,7 @@ info:
  severity: critical
  description: Thinkphp5 5.0.22/5.1.29 Remote Code Execution if the website doesn't have mandatory routing enabled (which is default).
  reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5-rce
+  tags: thinkphp,rce

 requests:
  - method: GET
--- a/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml
+++ b/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml
@ -6,6 +6,7 @@ info:
  severity: critical
  description: Thinkphp5 5.0(<5.0.24) Remote Code Execution.
  reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5.0.23-rce
+  tags: thinkphp,rce

 requests:
  - method: POST
--- a/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml
+++ b/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml
@ -6,6 +6,7 @@ info:
  severity: critical
  description: Verbose SQL error message reveals sensitive information including database credentials.
  reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/in-sqlinjection
+  tags: thinkphp

 requests:
  - method: GET
--- a/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml
+++ b/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml
@ -4,6 +4,7 @@ info:
  name: Vmware Vcenter LFI for Linux appliances
  author: PR3R00T
  severity: high
+  tags: vmware,lfi

 requests:
  - method: GET
--- a/vulnerabilities/vmware/vmware-vcenter-lfi.yaml
+++ b/vulnerabilities/vmware/vmware-vcenter-lfi.yaml
@ -4,6 +4,8 @@ info:
  name: VMware vCenter Unauthenticated Arbitrary File Read
  author: dwisiswant0
  severity: high
+  reference: https://kb.vmware.com/s/article/7960893
+  tags: vmware,lfi

  # Reference:-
  # https://twitter.com/ptswarm/status/1316016337550938122
--- a/vulnerabilities/wordpress/easy-wp-smtp-listing.yaml
+++ b/vulnerabilities/wordpress/easy-wp-smtp-listing.yaml
@ -5,7 +5,7 @@ info:
  author: PR3R00T
  severity: high
  reference: "https://blog.nintechnet.com/wordpress-easy-wp-smtp-plugin-fixed-zero-day-vulnerability/"
-  tags: wordpress,wp-pluing
+  tags: wordpress,plugin

 requests:
  - method: GET
--- a/vulnerabilities/wordpress/sassy-social-share.yaml
+++ b/vulnerabilities/wordpress/sassy-social-share.yaml
@ -5,7 +5,7 @@ info:
  author: Random-Robbie
  severity: medium
  description: Sassy Social Share <= 3.3.3 - Cross-Site Scripting (XSS)
-  tags: wordpress,wp-pluing
+  tags: wordpress,plugin
 requests:
  - method: GET
    path:
--- a/vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
+++ b/vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
@ -3,7 +3,7 @@ info:
  name: Wordpress W3C Total Cache SSRF <= 0.9.4
  author: random-robbie
  severity: medium
-  tags: wordpress,wp-pluing
+  tags: wordpress,plugin

  # Reference
  # https://wpvulndb.com/vulnerabilities/8644
--- a/vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml
+++ b/vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml
@ -3,7 +3,7 @@ info:
  name: wordpress-emails-verification-for-woocommerce
  author: random-robbie
  severity: critical
-  tags: wordpress,wp-pluing
+  tags: wordpress,plugin

  # Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass
  # https://wpvulndb.com/vulnerabilities/10318
--- a/vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml
+++ b/vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml
@ -4,7 +4,7 @@ info:
  name: Social Metrics Tracker <= 1.6.8 - Unauthorised Data Export
  author: randomrobbie
  severity: medium
-  tags: wordpress,wp-pluing
+  tags: wordpress,plugin

 requests:
  - method: GET
--- a/vulnerabilities/wordpress/wordpress-tmm-db-migrate.yaml
+++ b/vulnerabilities/wordpress/wordpress-tmm-db-migrate.yaml
@ -4,7 +4,7 @@ info:
  name: WordPress ThemeMarkers DB Migration File
  author: dwisiswant0
  severity: info
-  tags: wordpress,wp-pluing,backups
+  tags: wordpress,plugin,backups

 requests:
  - method: GET
--- a/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
+++ b/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml
@ -4,7 +4,7 @@ info:
  name: WordPress Wordfence 7.4.6 Cross Site Scripting
  author: madrobot
  severity: medium
-  tags: wordpress,wp-pluing,xss
+  tags: wordpress,plugin,xss

 requests:
  - method: GET
--- a/vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml
+++ b/vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml
@ -5,7 +5,7 @@ info:
  author: dwisiswant0
  severity: high
  description: Critical Information Disclosure on WP Courses plugin < 2.0.29 exposes private course videos and materials
-  tags: wordpress,wp-pluing
+  tags: wordpress,plugin

  # References:
  # - [1] https://www.exploit-db.com/exploits/48910
--- a/workflows/artica-web-proxy-workflow.yaml
+++ b/workflows/artica-web-proxy-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: Artica Web Proxy Security Checks
  author: dwisiswant0 & pdteam
  description: A simple workflow that runs all Artica Web Proxy related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/bigip-workflow.yaml
+++ b/workflows/bigip-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: F5 BIG-IP Security Checks
  author: dwisiswant0
  description: A simple workflow that runs all Bigip related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/cisco-asa-workflow.yaml
+++ b/workflows/cisco-asa-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: Cisco ASA Security Checks
  author: flag007
  description: A simple workflow that runs all Cisco related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/grafana-workflow.yaml
+++ b/workflows/grafana-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: Grafana Security Checks
  author: pdteam
  description: A simple workflow that runs all Grafana related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/jira-workflow.yaml
+++ b/workflows/jira-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: Jira Security Checks
  author: micha3lb3n
  description: A simple workflow that runs all Jira related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/liferay-workflow.yaml
+++ b/workflows/liferay-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: Liferay Security Checks
  author: dwisiswant0
  description: A simple workflow that runs all liferay related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/lotus-domino-workflow.yaml
+++ b/workflows/lotus-domino-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: Lotus Domino Security Checks
  author: CasperGN
  description: A simple workflow that runs all Lotus Domino related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/magmi-workflow.yaml
+++ b/workflows/magmi-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: MAGMI Security Checks
  author: dwisiswant0
  description: A simple workflow that runs all MAGMI related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/mida-eframework-workflow.yaml
+++ b/workflows/mida-eframework-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: Mida eFramework Security Checks
  author: CasperGN
  description: A simple workflow that runs all Mida eFramework related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/netsweeper-workflow.yaml
+++ b/workflows/netsweeper-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: Netsweeper Security Checks
  author: dwisiswant0
  description: A simple workflow that runs all netsweeper related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/rabbitmq-workflow.yaml
+++ b/workflows/rabbitmq-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: RabbitMQ Security Checks
  author: fyoorer
  description: A simple workflow that runs all rabbitmq related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/sap-netweaver-workflow.yaml
+++ b/workflows/sap-netweaver-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: SAP NetWaver Security Checks
  author: dwisiswant0
  description: A simple workflow that runs all SAP NetWaver related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/solarwinds-orion-workflow.yaml
+++ b/workflows/solarwinds-orion-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: SolarWinds Orion Security Checks
  author: dwisiswant0
  description: A simple workflow that runs all SolarWinds Orion related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/springboot-workflow.yaml
+++ b/workflows/springboot-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: Springboot Security Checks
  author: dwisiswant0
  description: A simple workflow that runs all springboot related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/thinkphp-workflow.yaml
+++ b/workflows/thinkphp-workflow.yaml
@ -3,6 +3,7 @@ info:
  name: ThinkPHP Security Checks
  author: dr_set
  description: A simple workflow that runs all ThinkPHP related nuclei templates on a given target.
+  tags: workflow

 workflows:

--- a/workflows/vbulletin-workflow.yaml
+++ b/workflows/vbulletin-workflow.yaml
@ -4,6 +4,7 @@ info:
  name: vBulletin Security Checks
  author: pdteam
  description: A simple workflow that runs all vBulletin related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.
--- a/workflows/weblogic-workflow.yaml
+++ b/workflows/weblogic-workflow.yaml
@ -3,6 +3,7 @@ info:
  name: WebLogic Security Checks
  author: dr_set
  description: A simple workflow that runs all WebLogic related nuclei templates on a given target.
+  tags: workflow

 workflows:

--- a/workflows/wordpress-workflow.yaml
+++ b/workflows/wordpress-workflow.yaml
@ -3,6 +3,7 @@ info:
  name: Wordpress Security Checks
  author: kiblyn11 & zomsop82
  description: A simple workflow that runs all wordpress related nuclei templates on a given target.
+  tags: workflow

  # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
  # Old workflows still remains valid, and will be working with all nuclei versions.