id: wp-plugin-scan
info:
  name: Wordpress Plugin Scanner
  author: pdteam
  severity: info
  description: Wordlist based wordpress plugin scanner.
  reference: https://github.com/RandomRobbieBF/wordpress-plugin-list
  tags: fuzz

requests:

  - payloads:
      plugin_wordlist: helpers/wordlists/wp-plugins.txt

    attack: sniper
    threads: 50

    raw:
      - |
        GET {{plugin_wordlist}} HTTP/1.1
        Host: {{Hostname}}
        Accept: application/json, text/plain, */*
        Accept-Language: en-US,en;q=0.5
        Referer: {{BaseURL}}

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "== Description =="