id: CVE-2019-15858 info: name: Unauthenticated Woody Ad Snippets WordPress Plugin RCE author: dwisiswant0,fmunozs,patralos severity: high description: | This template supports the detection part only. See references. admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code execution. Source/References: - https://github.com/GeneralEG/CVE-2019-15858 tags: cve,cve2019,wordpress,wp-plugin,xss requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/insert-php/readme.txt" matchers-condition: and matchers: - type: status status: - 200 - type: word words: - "2.2.5" part: body negative: true - type: word words: - "Changelog" part: body - type: word words: - "Woody ad snippets" part: body