nuclei-templates/http/vulnerabilities/wordpress/wp-popup-listing.yaml

28 lines
613 B
YAML

id: wordpress-popup-listing
info:
name: WordPress Popup Plugin Directory Listing
author: aashiq
severity: info
description: Searches for sensitive directories present in the wordpress-popup plugin.
tags: wordpress,listing,plugin
metadata:
max-request: 1
http:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/wordpress-popup/views/admin/"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "Index of"
- "/wp-content/plugins/wordpress-popup/views/admin"
condition: and