Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

WordPress Exposed Installation

By kannthu

Critical
Vidoc logoVidoc Module
#panel#wordpress
Description

WordPress Exposed Installation

What is WordPress Exposed Installation?

The WordPress Exposed Installation module is designed to detect a misconfiguration in a WordPress installation. It targets the /wp-admin/install.php path and performs a GET request to check for specific conditions. This module is created to identify potential vulnerabilities in WordPress installations.

WordPress is a popular content management system (CMS) used by millions of websites worldwide. Due to its popularity, it is often targeted by hackers and malicious actors. This module helps website owners and administrators identify if their WordPress installation is exposed to potential security risks.

The severity of this module is classified as critical, indicating that it detects a significant vulnerability that could potentially lead to unauthorized access or compromise of the WordPress installation.

Impact

A misconfigured WordPress installation can have severe consequences for website owners. It can expose sensitive information, allow unauthorized access to the website, and potentially lead to the compromise of user data. By detecting exposed installations, this module helps website owners take necessary actions to secure their WordPress installations and protect their data and users.

How the module works?

The WordPress Exposed Installation module works by sending a GET request to the /wp-admin/install.php path of the target WordPress installation. It then checks for specific conditions to determine if the installation is exposed.

The module uses two matching conditions to identify an exposed installation:

    - Title Matcher: It checks if the HTML title of the response contains the string "WordPress › Installation" and "Site Title". This indicates that the installation page is accessible and potentially exposed. - Status Matcher: It verifies if the HTTP response status code is 200, indicating a successful request. This confirms that the installation page is accessible and further investigation is required.

By combining these matching conditions, the module can accurately identify exposed WordPress installations. Website owners can then take appropriate measures to secure their installations and prevent potential security breaches.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/wp-admin/install.ph...
Matching conditions
word: <title>WordPress &rsaquo; Installation</...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability