http/technologies/wordpress/plugins/better-wp-security.yaml

id: wordpress-better-wp-security

info:
  name: Solid Security – Password, Two Factor Authentication, and Brute Force Protection Detection
  author: ricardomaia
  severity: info
  reference:
    - https://wordpress.org/plugins/better-wp-security/
  metadata:
    plugin_namespace: better-wp-security
    wpscan: https://wpscan.com/plugin/better-wp-security
  tags: tech,wordpress,wp-plugin,top-100,top-200

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/better-wp-security/readme.txt"

    payloads:
      last_version: helpers/wordpress/plugins/better-wp-security.txt

    extractors:
      - type: regex
        part: body
        internal: true
        name: internal_detected_version
        group: 1
        regex:
          - '(?i)Stable.tag:\s?([\w.]+)'

      - type: regex
        part: body
        name: detected_version
        group: 1
        regex:
          - '(?i)Stable.tag:\s?([\w.]+)'

    matchers-condition: or
    matchers:
      - type: dsl
        name: "outdated_version"
        dsl:
          - compare_versions(internal_detected_version, concat("< ", last_version))

      - type: regex
        part: body
        regex:
          - '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100d756babb857844fc81f0e3f2c15938dab5ce8f592d011ab84b33f09b0f8a29de0220106b4ce9fdd240326d94ee7c8ef91434fe43aa755e7dafa3d7206956d8605e9a:922c64590222798bb761d5b6d8e72950
-												TOP 200 WordPress Plugins

											
										
										
											2022-12-01 20:29:57 -03:00
+								id: wordpress-better-wp-security
 								info:
-												Auto WordPress Plugins Update [Wed Oct 18 04:02:04 UTC 2023] :robot:

											
										
										
											2023-10-18 04:02:04 +00:00
+								  name: Solid Security – Password, Two Factor Authentication, and Brute Force Protection Detection
-												TOP 200 WordPress Plugins

											
										
										
											2022-12-01 20:29:57 -03:00
+								  author: ricardomaia
 								  severity: info
 								  reference:
 								    - https://wordpress.org/plugins/better-wp-security/
 								  metadata:
-												Revert "chore: update TemplateMan 🤖"

This reverts commit c31d574176f2b9e6f8d4fe573a24e7192f808e84.

											
										
										
											2025-05-27 10:39:47 +08:00
+								    plugin_namespace: better-wp-security
 								    wpscan: https://wpscan.com/plugin/better-wp-security
-												refactoring

											
										
										
											2022-12-16 18:13:03 -03:00
+								  tags: tech,wordpress,wp-plugin,top-100,top-200
-												TOP 200 WordPress Plugins

											
										
										
											2022-12-01 20:29:57 -03:00
-												Refactoring the directory structure based on protocols (#7137)

* moving http templates

* updated cves.json

* moved network CVEs

* updated scripts

* updated workflows

* updated requests to http

* replaced network to tcp

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
											
										
										
											2023-04-27 09:58:59 +05:30
+								http:
-												TOP 200 WordPress Plugins

											
										
										
											2022-12-01 20:29:57 -03:00
+								  - method: GET
 								    path:
 								      - "{{BaseURL}}/wp-content/plugins/better-wp-security/readme.txt"
-												Update wordpress plugin templates

											
										
										
											2022-12-06 06:28:42 -03:00
 								    payloads:
-												refactoring

											
										
										
											2022-12-16 18:13:03 -03:00
+								      last_version: helpers/wordpress/plugins/better-wp-security.txt
-												Update wordpress plugin templates

											
										
										
											2022-12-06 06:28:42 -03:00
 								    extractors:
-												TOP 200 WordPress Plugins

											
										
										
											2022-12-01 20:29:57 -03:00
+								      - type: regex
-												Update wordpress plugin templates

											
										
										
											2022-12-06 06:28:42 -03:00
+								        part: body
 								        internal: true
 								        name: internal_detected_version
 								        group: 1
-												TOP 200 WordPress Plugins

											
										
										
											2022-12-01 20:29:57 -03:00
+								        regex:
-												Update wordpress plugin templates

											
										
										
											2022-12-06 06:28:42 -03:00
+								          - '(?i)Stable.tag:\s?([\w.]+)'
-												TOP 200 WordPress Plugins

											
										
										
											2022-12-01 20:29:57 -03:00
+								      - type: regex
 								        part: body
-												Update wordpress plugin templates

											
										
										
											2022-12-06 06:28:42 -03:00
+								        name: detected_version
-												TOP 200 WordPress Plugins

											
										
										
											2022-12-01 20:29:57 -03:00
+								        group: 1
 								        regex:
 								          - '(?i)Stable.tag:\s?([\w.]+)'
-												Update wordpress plugin templates

											
										
										
											2022-12-06 06:28:42 -03:00
 								    matchers-condition: or
 								    matchers:
 								      - type: dsl
 								        name: "outdated_version"
 								        dsl:
 								          - compare_versions(internal_detected_version, concat("< ", last_version))
 								      - type: regex
 								        part: body
 								        regex:
 								          - '(?i)Stable.tag:\s?([\w.]+)'
-												chore: sign templates 🤖

											
										
										
											2025-06-12 02:41:38 +00:00
+								# digest: 4a0a00473045022100d756babb857844fc81f0e3f2c15938dab5ce8f592d011ab84b33f09b0f8a29de0220106b4ce9fdd240326d94ee7c8ef91434fe43aa755e7dafa3d7206956d8605e9a:922c64590222798bb761d5b6d8e72950