Wordpress DB Repair Exposed

What is the "Wordpress DB Repair Exposed" module?

The "Wordpress DB Repair Exposed" module is a test case designed to detect misconfigurations in Wordpress installations. It targets the Wordpress repair page and checks for a specific condition related to the "WP_ALLOW_REPAIR" constant. This module has a low severity level and was authored by _C0wb0y_.

Impact

If the module detects a misconfiguration, it indicates that the Wordpress repair page is accessible. This could potentially expose sensitive information or allow unauthorized access to the database repair functionality.

How does the module work?

The module works by sending a GET request to the "/wp-admin/maint/repair.php" path of the Wordpress installation. It then applies several matching conditions to determine if the repair page is exposed:

- The response status code must be 200. - The response body must contain the word "<title>WordPress". - The response body must not contain the words "define", "WP_ALLOW_REPAIR", and "true".

If all the matching conditions are met, the module reports a vulnerability.

Example HTTP request:

GET /wp-admin/maint/repair.php

The module checks if the response status code is 200, the response body contains the word "<title>WordPress", and the response body does not contain the words "define", "WP_ALLOW_REPAIR", and "true". If these conditions are satisfied, the module identifies a misconfiguration.