Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "WordPress Aspose Importer & Exporter 1.0 - Local File Inclusion" module is designed to detect a vulnerability in the WordPress Aspose Importer & Exporter plugin version 1.0. This vulnerability allows an attacker to include local files on the server by exploiting a file path traversal issue. The severity of this vulnerability is classified as high.
If successfully exploited, this vulnerability can lead to unauthorized access to sensitive files on the server. This can potentially expose sensitive information such as database credentials, which can be used for further attacks.
The module sends a GET request to the vulnerable endpoint:
/wp-content/plugins/aspose-importer-exporter/aspose_import_export_download?file=../../../wp-config.php
The module then checks the response body for the presence of specific keywords, such as "DB_NAME" and "DB_PASSWORD". If these keywords are found, it indicates that the vulnerable file has been successfully included and sensitive information may be exposed.
Additionally, the module verifies that the response status code is 200, ensuring that the request was successful.
Note: It is important to promptly update the WordPress Aspose Importer & Exporter plugin to the latest version to mitigate this vulnerability.