New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add cve-2022-1580 #9730
add cve-2022-1580 #9730
Conversation
Thanks as always for your contribution @Kazgangap ! |
Hi @Kazgangap i tried replicating this on a vulnerable plugin installed locally. i couldn't verify this vulnerability is it possible to share the debug data ? Thanks |
Hi @Kazgangap Kindly update the template with flow and strict matcher please Thanks |
hi @DhiyaneshGeek |
hi @DhiyaneshGeek |
Hi @Kazgangap We can update the template with plugin detection , along with version comparison and add the exploitation request with additional matcher. Thanks |
Hello @Kazgangap, thank you so much for sharing this template with the community and contributing to this project 🍻 |
Template / PR Information
The related vulnerability nullifies the function of the plugin with the ?admin parameter. So I used the words wp-block and author as a matcher, which is on every wordpress site.
add cve-2022-1580
https://wpscan.com/vulnerability/7b6f91cd-5a00-49ca-93ff-db7220d2630a/
https://nvd.nist.gov/vuln/detail/CVE-2022-1580
https://wordpress.org/plugins/site-offline/
Template Validation
I've validated this template locally?
Additional Details (leave it blank if not applicable)
Additional References: