nuclei-templates/http/technologies/wordpress/plugins/jetpack.yaml

id: wordpress-jetpack

info:
  name: Jetpack – WP Security, Backup, Speed, & Growth Detection
  author: ricardomaia
  severity: info
  reference:
    - https://wordpress.org/plugins/jetpack/
  metadata:
    plugin_namespace: jetpack
    wpscan: https://wpscan.com/plugin/jetpack
  tags: tech,wordpress,wp-plugin,top-100,top-200,discovery

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/jetpack/readme.txt"

    payloads:
      last_version: helpers/wordpress/plugins/jetpack.txt

    extractors:
      - type: regex
        part: body
        internal: true
        name: internal_detected_version
        group: 1
        regex:
          - '(?i)Stable.tag:\s?([\w.]+)'

      - type: regex
        part: body
        name: detected_version
        group: 1
        regex:
          - '(?i)Stable.tag:\s?([\w.]+)'

    matchers-condition: or
    matchers:
      - type: dsl
        name: "outdated_version"
        dsl:
          - compare_versions(internal_detected_version, concat("< ", last_version))

      - type: regex
        part: body
        regex:
          - '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a004730450220228c83cfb0cf87e3ac41b4bb1614a61679e89a68527cf529ef04678b1e7c03f0022100ee7c77ac432eea88ff765019eebcfe54ab0bbc41de030805bc4a72bf2dd4c6f8:922c64590222798bb761d5b6d8e72950