Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "WordPress license file disclosure" module is designed to detect the presence of the license.txt file in a WordPress installation. This module targets websites running on the WordPress web publishing software. It is an informative module, meaning it provides information rather than detecting a vulnerability or misconfiguration. The module was authored by yashgoti.
This module does not have a direct impact on the security of the WordPress website. It simply informs the user whether the license.txt file is accessible or not. The presence of the license.txt file does not pose a security risk, but it may provide information about the version of WordPress being used.
The "WordPress license file disclosure" module sends a GET request to the "/license.txt" path of the target website. It then applies two matching conditions to determine if the license.txt file is present:
If both conditions are met, the module reports a match, indicating that the license.txt file is accessible on the target website.
Example HTTP request:
GET /license.txt
Note: The above example is a simplified representation of the HTTP request sent by the module. The actual request may include additional headers or parameters.