http/fuzzing/wordpress-plugins-detect.yaml

id: wordpress-plugins-detect

info:
  name: WordPress Plugins Detection
  author: 0xcrypto
  severity: info
  metadata:
    max-request: 100563
  tags: fuzz,wordpress,fuzzing,vuln

http:
  - raw:
      - |
        GET /wp-content/plugins/{{pluginSlug}}/readme.txt HTTP/1.1
        Host: {{Hostname}}

    payloads:
      pluginSlug: helpers/wordlists/wordpress-plugins.txt

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "== Description =="

    extractors:
      - type: regex
        part: body
        group: 1
        regex:
          - "===\\s(.*)\\s===" # extract the plugin name
          - "(?m)Stable tag: ([0-9.]+)" # extract the plugin version
# digest: 4a0a00473045022100c0e21976f02334a689b33f658f4f1379b266a93cac4b91548d7d413e88c8305302201ab69db4dd9b64f4088373b72b61523b7370bc946d4cc52dd753cba3bac9a558:922c64590222798bb761d5b6d8e72950
WordPress detection templates 2021-04-20 06:21:49 +05:30			`id: wordpress-plugins-detect`
more updates 2021-10-10 06:43:30 +05:30
WordPress detection templates 2021-04-20 06:21:49 +05:30			`info:`
			`name: WordPress Plugins Detection`
			`author: 0xcrypto`
			`severity: info`
Added max request counter of each template 2023-04-28 13:41:21 +05:30			`metadata:`
Revert "Add flow optimization to multiple paylaods/ reqs templates for performance improvement" 2025-07-22 02:07:56 +05:30			`max-request: 100563`
feat: Implement asset-discovery and vulnerability detection distinction 2025-10-17 14:17:02 +02:00			`tags: fuzz,wordpress,fuzzing,vuln`
WordPress detection templates 2021-04-20 06:21:49 +05:30
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 09:58:59 +05:30			`http:`
Payloads positional update to keep the request format uniform 2021-08-22 23:39:33 +05:30			`- raw:`
WordPress detection templates 2021-04-20 06:21:49 +05:30			`- \|`
			`GET /wp-content/plugins/{{pluginSlug}}/readme.txt HTTP/1.1`
			`Host: {{Hostname}}`
minor updates 2021-04-20 14:13:28 +05:30
Payloads positional update to keep the request format uniform 2021-08-22 23:39:33 +05:30			`payloads:`
			`pluginSlug: helpers/wordlists/wordpress-plugins.txt`

minor updates 2021-04-20 14:13:28 +05:30			`matchers-condition: and`
WordPress detection templates 2021-04-20 06:21:49 +05:30			`matchers:`
			`- type: status`
			`status:`
			`- 200`
minor updates 2021-04-20 14:13:28 +05:30
			`- type: word`
			`words:`
			`- "== Description =="`
Update wordpress-plugins-detect.yaml to extract plugin name and version (#4290) * update wordpress-plugins-detect template to extract plugin name and version * fix yamllint errors * version extractor update Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-05-05 22:23:16 +10:00
			`extractors:`
			`- type: regex`
			`part: body`
			`group: 1`
			`regex:`
			`- "===\\s(.*)\\s===" # extract the plugin name`
templateman update 2023-10-14 16:57:55 +05:30			`- "(?m)Stable tag: ([0-9.]+)" # extract the plugin version`
chore: sign templates 🤖 2025-10-26 16:17:34 +00:00			`# digest: 4a0a00473045022100c0e21976f02334a689b33f658f4f1379b266a93cac4b91548d7d413e88c8305302201ab69db4dd9b64f4088373b72b61523b7370bc946d4cc52dd753cba3bac9a558:922c64590222798bb761d5b6d8e72950`