Vulnerability Description
Detected exposed log files generated by the Flexible Shipping (flexible-shipping) plugin via WooCommerce logging (wc_get_logger).
id: wp-flexible-shipping-log
info:
  name: WordPress Flexible Shipping - Log File Exposure
  author: DhiyaneshDk
  severity: medium
  description: |
    Detected exposed log files generated by the Flexible Shipping (flexible-shipping) plugin via WooCommerce logging (wc_get_logger).
  reference:
    - https://octolize.com/docs/article/flexible-shipping-debug-mode/
    - https://octolize.com/docs/article/woocommerce-shipping-debug-mode/
  metadata:
    verified: true
    max-request: 1
  tags: wordpress,wp,wp-plugin,flexible-shipping,log,exposure
http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/uploads/wpdesk-logs/wpdesk_debug.log"
    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains_all(body, "wpdesk.DEBUG","Sender payload")'
        condition: and
# digest: 4a0a004730450221009f8c90c2b4a1bc19498d5598e0bbf32b9738a4d8ad3456fb2b18107e6be4b78b02201bca5d8252d61a0dcd4e47a39cb4f8fef9236215d901f7e14baf603cf8400acf:922c64590222798bb761d5b6d8e72950
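
For site owners, an added example (not part of the template or of the plugin's code): reviewing web server access logs for requests to the path this template probes, to see whether the debug log has already been served to anyone. It assumes combined-format access logs; the sample lines and the function name are constructed for illustration, and counting a 206 response as served goes beyond the template's `status_code == 200` check.

```python
import posixpath
import re
from urllib.parse import unquote

# Path requested by the template on this page.
LOG_PATH = "/wp-content/uploads/wpdesk-logs/wpdesk_debug.log"

# Assumed format: common/combined access log
#   ip ident user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /wp-content/uploads/wpdesk-logs/wpdesk_debug.log HTTP/1.1" 200 48213 "-" "-"',
    '198.51.100.9 - - [12/Mar/2024:10:05:40 +0000] "GET /shop//wp-content/uploads/wpdesk-logs/%77pdesk_debug.log?x=1 HTTP/1.1" 206 1024 "-" "-"',
    '192.0.2.44 - - [12/Mar/2024:10:07:11 +0000] "GET /wp-content/uploads/wpdesk-logs/wpdesk_debug.log HTTP/1.1" 403 153 "-" "-"',
    '192.0.2.44 - - [12/Mar/2024:10:07:15 +0000] "GET /wp-content/uploads/2024/03/banner.png HTTP/1.1" 200 9000 "-" "-"',
]


def find_log_fetches(lines):
    """Return every request for the debug log, flagging those the server answered with content."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the assumed log format
        # Drop the query string, decode %xx escapes, collapse '//' and '/./'
        # so trivially varied spellings of the same path still match.
        path = posixpath.normpath(unquote(m["target"].split("?", 1)[0]))
        # endswith() also covers WordPress installed in a subdirectory.
        if not path.endswith(LOG_PATH):
            continue
        status = int(m["status"])
        hits.append({
            "ip": m["ip"],
            "time": m["time"],
            "status": status,
            "served": status in (200, 206),  # full or partial content returned
        })
    return hits


if __name__ == "__main__":
    for hit in find_log_fetches(SAMPLE):
        print(hit)
```

Any hit with `served` set to true means the log contents left the server, so whatever the debug log recorded should be treated as disclosed.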