id: wordpress-accessible-wpconfig info: name: WordPress wp-config Detection author: Kiblyn11,zomsop82,madrobot,geeknik,daffainfo,r12w4n,tess severity: medium description: WordPress `wp-config` was discovered. This file is remotely accessible and its content available for reading. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-200 tags: wordpress,backup requests: - method: GET path: - '{{BaseURL}}/wp-config.php' - '{{BaseURL}}/.wp-config.php.swp' - '{{BaseURL}}/wp-config-sample.php' - '{{BaseURL}}/wp-config.inc' - '{{BaseURL}}/wp-config.old' - '{{BaseURL}}/wp-config.txt' - '{{BaseURL}}/wp-config.php.txt' - '{{BaseURL}}/wp-config.php.bak' - '{{BaseURL}}/wp-config.php.old' - '{{BaseURL}}/wp-config.php.dist' - '{{BaseURL}}/wp-config.php.inc' - '{{BaseURL}}/wp-config.php.swp' - '{{BaseURL}}/wp-config.php.html' - '{{BaseURL}}/wp-config-backup.txt' - '{{BaseURL}}/wp-config.php.save' - '{{BaseURL}}/wp-config.php~' - '{{BaseURL}}/wp-config.php-backup' - '{{BaseURL}}/wp-config.php.orig' - '{{BaseURL}}/wp-config.php_orig' - '{{BaseURL}}/wp-config.php.original' - '{{BaseURL}}/_wpeprivate/config.json' stop-at-first-match: true matchers-condition: and matchers: - type: word words: - "DB_NAME" - "DB_PASSWORD" part: body condition: and - type: status status: - 200 # Enhanced by mp on 2022/04/12