nuclei-templates/http/vulnerabilities/wordpress/wp-mstore-plugin-listing.yaml

id: wp-mstore-plugin-listing

info:
  name: Wordpress Plugin MStore API
  author: pussycat0x
  severity: low
  description: Searches for sensitive directories present in the mstore-api plugin.
  metadata:
    max-request: 1
    google-query: inurl:/wp-content/plugins/mstore-api/
  tags: wordpress,listing,wp-plugin

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/mstore-api/"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Index of"
          - "/wp-content/plugins/mstore-api"
        condition: and

      - type: status
        status:
          - 200

# digest: 490a0046304402201c167b12dde8a2e224c39074bad196d4138ac6424b66c782950a121b035427e9022014040370921dffe68731e76f661227a0c9515014014b0b4c9930fac8726fa0b3:922c64590222798bb761d5b6d8e72950