add cve-2023-6505

http/cves/2023/CVE-2023-6505.yaml

@@ -0,0 +1,44 @@
+id: CVE-2023-6505
+
+info:
+  name: Prime Mover < 1.9.3 - Directory Listing to Sensitive Data Exposure
+  author: securityforeveryone.com
+  severity: high
+  description: |
+    Prime Mover plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.2 via directory listing in the 'prime-mover-export-files/1/' folder. This makes it possible for unauthenticated attackers to extract sensitive data including site and configuration information, directories, files, and password hashes.
+  remediation: Fixed in 1.9.3
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-6505
+    - https://wpscan.com/vulnerability/eca6f099-6af0-4f42-aade-ab61dd792629
+    - https://research.cleantalk.org/cve-2023-6505-prime-mover-poc-exploit/
+    - https://github.com/fkie-cad/nvd-json-data-feeds
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2023-6505
+    epss-score: 0.00087
+    epss-percentile: 0.36916
+    cpe: cpe:2.3:a:codexonics:prime_mover:*:*:*:*:*:wordpress:*:*
+  metadata:
+    vendor: codexonics
+    product: prime_mover
+    framework: wordpress
+  tags: wpscan,wordpress,exposure,cve,cve2023
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/uploads/prime-mover-export-files/1/"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'Index of /wp-content/uploads/prime-mover-export-files/1'
+          - '.wprime'
+        condition: or
+        part: body
+
+      - type: status
+        status:
+          - 200