id: wordpress-popup-listing

info:
  name: WordPress Popup Plugin Directory Listing
  author: aashiq
  severity: info
  description: Searches for sensitive directories present in the wordpress-popup plugin.
  metadata:
    max-request: 1
  tags: wordpress,listing,plugin

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/wordpress-popup/views/admin/"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "Index of"
          - "/wp-content/plugins/wordpress-popup/views/admin"
        condition: and

# digest: 4b0a00483046022100c2411afae73fdffc85b85ee5fbef8243d44339d64e495474f70aff573b316898022100d49b0212098b864b1b99aa662908b1a775ac28f4319ea5da7ea7294771c2bbf8:922c64590222798bb761d5b6d8e72950