Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "WordPress Grimag <1.1.1 - Open Redirection" module is designed to detect an open redirect vulnerability in the WordPress Grimag theme before version 1.1.1. This vulnerability allows an attacker to redirect a user to a malicious site and potentially obtain sensitive information. The severity of this vulnerability is classified as medium.
This module was authored by 0x_Akoko.
An open redirect vulnerability in the WordPress Grimag theme can have serious consequences. By exploiting this vulnerability, an attacker can trick users into visiting malicious websites, leading to potential data theft, phishing attacks, or the installation of malware on their devices.
The "WordPress Grimag <1.1.1 - Open Redirection" module works by sending HTTP requests to the target WordPress site and analyzing the responses. It specifically targets the "/wp-content/themes/Grimag/go.php?https://interact.sh" path.
The module uses a regular expression matcher to check if the response header contains a redirect to a URL that matches the pattern "(?m)^(?:Location\\s*?:\\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\\-_\\.@]*)interact\\.sh.*$". If a match is found, the module reports a vulnerability.
It is important to note that this module is just one test case used in the Vidoc platform for scanning WordPress sites. Its purpose is to identify the presence of the open redirect vulnerability in the WordPress Grimag theme.