Vulnerability description
Detected the WordPress wp-env.json configuration file publicly accessible, potentially revealing the PHP version, installed plugins, themes, and development environment details.
id: wordpress-wp-env-exposure

info:
  name: WordPress Configuration wp-env - Exposure
  author: 0x_Akoko
  severity: low
  description: |
    Detected the WordPress wp-env.json configuration file publicly accessible, potentially revealing the PHP version, installed plugins, themes, and development environment details.
  reference:
    - https://developer.wordpress.org/block-editor/reference-guides/packages/packages-env/
  metadata:
    verified: true
    max-request: 1
  tags: wp,wordpress,config,exposure,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/.wp-env.json"

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - "status_code == 200"
          - "len(body) > 10"
          - "contains(content_type, 'application/json')"
        condition: and

      - type: word
        part: body
        words:
          - '"phpVersion"'
          - '"plugins"'
          - '"themes"'
        condition: and
# digest: 490a004630440220277d85f40a4c05dbc8a89f033ba67472cf337f83f76bdc41fe6b7bab480e798602207bf038d738608fae49aad4a36b642015a0dfb3273120b4e65a66979b2964beaa:922c64590222798bb761d5b6d8e72950
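To see exactly when the template above fires, here is an added Python re-implementation of its two matchers joined by the top-level `and`, run against constructed sample responses (this is example code written for this page, not part of the template or of nuclei; the `exposed_fields` triage helper is a hypothetical addition for defenders who want to see which values a leaked file gives away):

```python
import json

# Values lifted from the template's matchers.
MIN_BODY_LEN = 10
REQUIRED_KEYS = ("phpVersion", "plugins", "themes")


def matches_wp_env_exposure(status_code: int, content_type: str, body: str) -> bool:
    """True when a response to GET /.wp-env.json satisfies both matchers
    (matchers-condition: and)."""
    # Matcher 1 (type: dsl, condition: and): status, minimum length, JSON content type.
    dsl_ok = (
        status_code == 200
        and len(body) > MIN_BODY_LEN
        and "application/json" in content_type
    )
    # Matcher 2 (type: word, part: body, condition: and): every quoted key name
    # must appear literally in the body, so generic JSON does not trigger it.
    words_ok = all(f'"{key}"' in body for key in REQUIRED_KEYS)
    return dsl_ok and words_ok


def exposed_fields(body: str) -> dict:
    """Hypothetical triage helper: parse the leaked file and return the
    sensitive fields it carries, or {} if the body is not JSON."""
    try:
        data = json.loads(body)
    except json.JSONDecodeError:
        return {}
    return {key: data[key] for key in REQUIRED_KEYS if key in data}


# Constructed sample responses (status, Content-Type, body); not captured from any real site.
EXPOSED = (200, "application/json; charset=utf-8",
           '{"core": null, "phpVersion": "8.1", "plugins": ["./"], "themes": []}')
NOT_FOUND = (404, "text/html", "<html>Not Found</html>")
OTHER_JSON = (200, "application/json", '{"name": "site", "version": "1.0"}')

if __name__ == "__main__":
    for label, resp in (("exposed", EXPOSED), ("not found", NOT_FOUND), ("other json", OTHER_JSON)):
        print(f"{label}: {matches_wp_env_exposure(*resp)}")
    print("leaked fields:", exposed_fields(EXPOSED[2]))
```

A hit means the file is being served by the web server; the fix is to keep `.wp-env.json` out of the document root or deny it in the web server configuration, since it is only needed by the local wp-env development tooling.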