By kannthu
The "WordPress Duplicator Plugin - Information disclosure" module is designed to detect unauthenticated information disclosure vulnerabilities in the Duplicator WordPress plugin. This plugin is used for migrating, cloning, and backing up WordPress websites. The severity of this vulnerability is classified as medium.
This module was authored by tess.
An unauthenticated attacker can exploit this vulnerability to access files within the Duplicator plugin's backup directory. This can expose sensitive information such as database credentials, configuration files, and other data stored there.
The module works by sending HTTP requests to specific paths within the WordPress installation. It checks for the presence of certain conditions to determine if the information disclosure vulnerability exists.
For example, the module may send GET requests to the "/wp-content/backups-dup-lite/tmp/" and "/wp-content/backups-dup-lite" paths. It then matches each response against specific conditions: the phrase "Index of /wp-content/backups-dup-lite/" in the response body, the "text/html" content type in the response header, and a 200 status code.
If all the matching conditions are met, the module reports the vulnerability.
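The matching logic described above, written out as an added example (not Vidoc's module code) so it can be run against responses captured from a site you administer. The `Response` class, the function names and the sample responses are constructed for illustration; only the two paths and the match phrase come from the description.

```python
from dataclasses import dataclass, field

# Paths and phrase come from the module description; everything else is illustrative.
PATHS = ("/wp-content/backups-dup-lite/tmp/", "/wp-content/backups-dup-lite")
INDEX_PHRASE = "Index of /wp-content/backups-dup-lite/"


@dataclass
class Response:
    """Hypothetical container for one captured HTTP response."""
    path: str
    status: int
    body: str
    headers: dict = field(default_factory=dict)


def matches(resp: Response) -> bool:
    """True only when all three described conditions hold (logical AND)."""
    # Header names are case-insensitive, so normalise before the lookup.
    headers = {k.lower(): v.lower() for k, v in resp.headers.items()}
    return (
        resp.status == 200
        and "text/html" in headers.get("content-type", "")
        and INDEX_PHRASE in resp.body
    )


def exposed_paths(responses):
    """Return the probed paths whose responses show an open directory listing."""
    return [r.path for r in responses if r.path in PATHS and matches(r)]


# Constructed sample responses (not captured from any real site).
LISTING = Response(PATHS[0], 200,
                   "<h1>Index of /wp-content/backups-dup-lite/tmp</h1>",
                   {"Content-Type": "text/html;charset=UTF-8"})
FORBIDDEN = Response(PATHS[1], 403, "<h1>403 Forbidden</h1>",
                     {"Content-Type": "text/html"})
SOFT_404 = Response(PATHS[1], 200, "<h1>Page not found</h1>",
                    {"content-type": "text/html"})
JSON_ECHO = Response(PATHS[0], 200,
                     '{"msg": "Index of /wp-content/backups-dup-lite/tmp"}',
                     {"Content-Type": "application/json"})

if __name__ == "__main__":
    for r in (LISTING, FORBIDDEN, SOFT_404, JSON_ECHO):
        print(r.status, r.path, "-> exposed" if matches(r) else "-> not reported")
```

Only the directory-listing sample is reported. The 403 sample is what a server returns once directory indexing is disabled for the backup folder (on Apache, `Options -Indexes`), and the other two show why a 200 status alone is not enough to report a finding.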
The module's JSON definition contains additional metadata, such as the maximum number of requests to be made (in this case, 2) and whether the vulnerability has been verified.