id: wordpress-header-footer info: name: Head, Footer and Post Injections Detection author: ricardomaia severity: info reference: - https://wordpress.org/plugins/header-footer/ metadata: plugin_namespace: header-footer wpscan: https://wpscan.com/plugin/header-footer tags: tech,wordpress,wp-plugin,top-200 http: - method: GET path: - "{{BaseURL}}/wp-content/plugins/header-footer/readme.txt" payloads: last_version: helpers/wordpress/plugins/header-footer.txt extractors: - type: regex part: body internal: true name: internal_detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' - type: regex part: body name: detected_version group: 1 regex: - '(?i)Stable.tag:\s?([\w.]+)' matchers-condition: or matchers: - type: dsl name: "outdated_version" dsl: - compare_versions(internal_detected_version, concat("< ", last_version)) - type: regex part: body regex: - '(?i)Stable.tag:\s?([\w.]+)' # digest: 4a0a00473045022100c7ae9a80417b8ab0f2d0a558652dbf5f7ba35eaf7f7655cb0c29b868cea601a9022053597f005a373aa67897eb299a5a8247548952b043c7e5224443056fa0c8c4f4:922c64590222798bb761d5b6d8e72950