wp-easy-google-fonts-log-disclosure: WordPress Easy Google Fonts - Error Log Disclosure

Date: 2025-12-12 | Affected software: WordPress Easy Google Fonts | PoC: public

Vulnerability description

A web-accessible debug log file (error_log) was detected in the WordPress Easy Google Fonts plugin directory, potentially revealing file paths, errors, and sensitive information.

PoC code [public]

id: wp-easy-google-fonts-log-disclosure

info:
  name: WordPress Easy Google Fonts - Error Log Disclosure
  author: 0x_Akoko
  severity: low
  description: |
    Detected WordPress Easy Google Fonts plugin debug log file, potentially revealing file paths, errors, and sensitive information.
  reference:
    - https://wordpress.org/plugins/easy-google-fonts/
  metadata:
    verified: true
    max-request: 1
  tags: wordpress,wp-plugin,exposure,easy-google-fonts,logs

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/easy-google-fonts/error_log"

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'regex("\\[\\d{2}-[A-Za-z]{3}-\\d{4} \\d{2}:\\d{2}:\\d{2}", body)'
          - 'contains_any(body, "PHP Fatal error:", "PHP Warning:", "PHP Notice:", "PHP Parse error:")'
        condition: and
# digest: 4b0a004830460221009e3e88966773cfd4ad7740967bd112f10cdf9e658aa968cfc14658fa5df373e9022100d05936d1c79c79333310020881bcf57078c66c564683de28e9059808896bace2:922c64590222798bb761d5b6d8e72950
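
For site owners, the same signature can be checked on disk rather than over HTTP. The following is an added example, not part of the original template or the plugin: it walks a WordPress install's plugin directories and flags any error_log file that carries the timestamp and PHP severity markers the template matches on. It assumes the default wp-content/plugins layout, the function names are hypothetical, and the sample tree is constructed.

```python
import os
import re
import tempfile

# Same signature the template matches on: a PHP log timestamp such as
# "[12-Dec-2025 10:15:42" plus one of the PHP severity markers.
TIMESTAMP = re.compile(r"\[\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2}")
MARKERS = ("PHP Fatal error:", "PHP Warning:", "PHP Notice:", "PHP Parse error:")


def looks_like_php_error_log(text):
    """True when text carries both a PHP log timestamp and a severity marker."""
    return bool(TIMESTAMP.search(text)) and any(m in text for m in MARKERS)


def find_plugin_error_logs(wp_root, max_bytes=65536):
    """Return sorted paths of error_log files under wp-content/plugins that
    contain PHP error output (only the first max_bytes of each are read)."""
    plugins_dir = os.path.join(wp_root, "wp-content", "plugins")
    hits = []
    for dirpath, _dirs, files in os.walk(plugins_dir):
        if "error_log" not in files:
            continue
        path = os.path.join(dirpath, "error_log")
        with open(path, "r", encoding="utf-8", errors="replace") as fh:
            if looks_like_php_error_log(fh.read(max_bytes)):
                hits.append(path)
    return sorted(hits)


def build_sample_tree(root):
    """Constructed sample install: one real-looking log, one unrelated file."""
    samples = {
        "easy-google-fonts/error_log":
            "[12-Dec-2025 10:15:42 UTC] PHP Warning:  Undefined variable "
            "$font in /var/www/html/wp-content/plugins/example.php on line 7\n",
        "other-plugin/error_log": "placeholder file, no PHP errors here\n",
    }
    for rel, content in samples.items():
        path = os.path.join(root, "wp-content", "plugins", rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(content)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        for hit in find_plugin_error_logs(root):
            print("remove or deny web access to:", hit)
```

Files it reports should be deleted or moved outside the web root, with PHP error logging pointed at a location the web server does not serve.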
