mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-02-02 16:53:25 +08:00
32 lines
912 B
YAML
32 lines
912 B
YAML
id: wordpress-emergency-script
|
|
|
|
info:
|
|
name: WordPress Emergency Script
|
|
author: dwisiswant0
|
|
severity: info
|
|
description: Exposed wordpress password reset emergency script.
|
|
reference:
|
|
- https://wordpress.org/support/article/resetting-your-password/#using-the-emergency-password-reset-script
|
|
metadata:
|
|
max-request: 1
|
|
tags: wordpress
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/emergency.php"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- "Your use of this script is at your sole risk"
|
|
- "WordPress Administrator"
|
|
- "Update Options"
|
|
condition: and
|
|
part: body
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 4a0a00473045022100871f29c60bd51d9ccb15ed7d5b8ec28b39dc358f94a50cf2cbdccc99d2da1f7202204cddb2d71194bf06ca3c537d724928a597fe74be0f3cf52c0ee0e9ffb6c88c8e:922c64590222798bb761d5b6d8e72950 |