Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "WordPress 123ContactForm Plugin Directory Listing" module is designed to detect sensitive directories present in the 123contactform-for-wordpress plugin. This plugin is used in WordPress websites to integrate contact forms created with 123ContactForm. The module focuses on identifying potential misconfigurations or vulnerabilities in the plugin.
This module has an informative severity level, which means it provides valuable information but does not pose an immediate threat to the security of the website.
This module was authored by pussycat0x.
The impact of the "WordPress 123ContactForm Plugin Directory Listing" module is primarily informational. It helps website owners and administrators identify potential security weaknesses in the 123contactform-for-wordpress plugin. By detecting sensitive directories, it allows them to take appropriate actions to secure their websites and protect sensitive data.
The "WordPress 123ContactForm Plugin Directory Listing" module works by sending HTTP requests to the "/wp-content/plugins/123contactform-for-wordpress/" path of the target website. It then applies matching conditions to determine if the response indicates the presence of sensitive directories.
An example of a matching condition is checking if the response contains the words "Index of" and "/123contactform-for-wordpress". Additionally, the module verifies that the HTTP response status is 200, indicating a successful request.
By analyzing the responses and matching conditions, the module can identify potential misconfigurations or vulnerabilities in the 123contactform-for-wordpress plugin.
Reference: - Critical Vulnerabilities in 123ContactForm for WordPress Plugin - Exploit Database - 123ContactForm for WordPress Plugin