wp-config-setup: WordPress Setup Configuration

漏洞描述

PoC代码[已公开]

id: wp-config-setup

info:
  name: WordPress Setup Configuration
  author: princechaddha
  severity: high
  description: Exposed Wordpress Setup Configuration.
  reference:
    - https://smaranchand.com.np/2020/04/misconfigured-wordpress-takeover-to-remote-code-execution/
  metadata:
    max-request: 1
  tags: wordpress,setup,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-admin/setup-config.php?step=1"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Below you should enter your database connection details."

      - type: status
        status:
          - 200
# digest: 4a0a0047304502204a718f464b0e7ec8478c9b44de18c6c5c8d858a1aa561fcc0b9a3328db7ad486022100817d05f3d301ebe0b3b7d7ec2faef7753096baa5a5ea28787574547ff88d5f1d:922c64590222798bb761d5b6d8e72950

相关漏洞推荐

• WordPress Plugin Alone Theme /wp-admin/admin-ajax.php beplus_import_pack_install_plugin 文件上传漏洞（CVE-2025-5394）
• WordPress Time Clock 插件 /wp-admin/admin-ajax.php 代码执行漏洞 （CVE-2024-9593）
• WordPress Ditty /wp-json/dittyeditor/v1/displayItems 服务器端请求伪造漏洞
• WordPress AI Engine /wp-json/mcp/v1 信息泄露漏洞（CVE-2025-11749）
• WordPress wp-event-solution 插件 /wp-admin/admin-ajax.php 文件读取漏洞（CVE-2025-47445）
• POC CVE-2019-17671: WordPress <= 5.2.4 - Unauthenticated View Private/Draft Posts
• POC CVE-2024-39646: WordPress Custom 404 Pro <= 3.11.1 - Reflected XSS
• POC CVE-2024-6220: WordPress Keydatas ≤ 2.5.2 - Arbitrary File Upload
• POC CVE-2025-47445: WordPress Eventin (Themewinter) ≤ 4.0.26 - Arbitrary File Download
• POC wp-easy-google-fonts-log-disclosure: WordPress Easy Google Fonts - Error Log Disclosure
• POC wp-importer-log-disclosure: WordPress Importer - Error Log Disclosure
• POC wp-buddypress-open-redirect: WordPress BuddyPress < 2.9.2 - Authenticated Open Redirect
• POC wp-woocommerce-admin-fpd: WordPress Plugin WooCommerce Admin (woocommerce-admin) Full Path Disclosure