id: wordpress-upload-data info: name: wordpress-upload-data author: pussycat0x severity: medium description: Searches for Passwords in the wordpress uploads directory. reference: https://www.exploit-db.com/ghdb/7040 tags: wordpress,listing requests: - method: GET path: - "{{BaseURL}}/wp-content/uploads/data.txt" matchers-condition: and matchers: - type: word words: - "admin:" - type: word part: header words: - "text/plain" - type: status status: - 200