By kannthu
The "UpdraftPlus Plugin Pem Key" module is designed to detect a specific misconfiguration in the UpdraftPlus WordPress plugin. UpdraftPlus is a popular plugin used for backing up and restoring WordPress websites. This module focuses on identifying the presence of .pem files in the /wp-content/plugins/updraftplus/includes/ directory. The severity of this misconfiguration is classified as informative.
If the "UpdraftPlus Plugin Pem Key" module detects the presence of .pem files, it indicates a potential security risk. .pem files often contain sensitive information such as private keys, certificates, or other cryptographic material. If these files are accessible to unauthorized users, it could lead to unauthorized access or compromise of the website's security.
The "UpdraftPlus Plugin Pem Key" module works by sending an HTTP GET request to the /wp-content/plugins/updraftplus/includes/ directory of the target WordPress website. It then checks the response body for the presence of specific keywords, including "Index of /", ".pem", and "updraftplus". Additionally, it verifies that the HTTP response status is 200 (OK). If all the matching conditions are met, the module reports a potential misconfiguration.
Example HTTP request:
GET /wp-content/plugins/updraftplus/includes/ HTTP/1.1
Host: example.com
The matching conditions for this module are:
- The response body must contain the keywords "Index of /", ".pem", and "updraftplus".
- The HTTP response status must be 200 (OK).

If both conditions are satisfied, the module will report a potential misconfiguration in the UpdraftPlus WordPress plugin.
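The matching conditions above can be applied to a saved response when auditing your own site. The following is an added example, not the module's own code: the function names are assumptions, the sample responses are constructed, and the extraction of linked .pem entries goes beyond the keyword match the module performs.

```python
from html.parser import HTMLParser

# Keywords the module requires in the response body (from the description above).
REQUIRED_KEYWORDS = ("Index of /", ".pem", "updraftplus")


class _LinkCollector(HTMLParser):
    """Collects href values from <a> tags in an autoindex page."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.hrefs.append(href)


def matches_module(status, body):
    """True only when status is 200 AND every keyword is in the body."""
    return status == 200 and all(k in body for k in REQUIRED_KEYWORDS)


def listed_pem_files(body):
    """Triage helper (an addition): .pem entries linked from the listing."""
    parser = _LinkCollector()
    parser.feed(body)
    return [h for h in parser.hrefs if h.lower().split("?")[0].endswith(".pem")]


# Constructed sample responses, not captured from a real site.
LISTING = """<html><head>
<title>Index of /wp-content/plugins/updraftplus/includes</title></head><body>
<h1>Index of /wp-content/plugins/updraftplus/includes</h1>
<a href="/wp-content/plugins/updraftplus/">Parent Directory</a>
<a href="sample-bundle.pem">sample-bundle.pem</a>
<a href="sample-script.php">sample-script.php</a>
</body></html>"""
FORBIDDEN = "<html><body><h1>403 Forbidden</h1></body></html>"

if __name__ == "__main__":
    for status, body in ((200, LISTING), (403, FORBIDDEN)):
        print(status, matches_module(status, body), listed_pem_files(body))
```

A positive match with an empty file list means the keywords appeared in the body without an actual .pem link, so the finding should be confirmed by hand.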