By kannthu
The "Wordpress Oembed Proxy SSRF" module is designed to detect a server-side request forgery (SSRF) vulnerability in WordPress websites. SSRF is a type of vulnerability that allows an attacker to make requests from the vulnerable server to arbitrary destinations, potentially bypassing security measures and accessing internal resources.
This module targets WordPress, a popular content management system (CMS) used for creating websites and blogs. The severity of this vulnerability is classified as medium.
Author: dhiyaneshDk
If successfully exploited, the SSRF vulnerability in WordPress can lead to various security risks, including:
- Unauthorized access to internal resources
- Data leakage
- Potential compromise of sensitive information
The "Wordpress Oembed Proxy SSRF" module works by sending a specific HTTP request to the target WordPress website. The request is made to the "/wp-json/oembed/1.0/proxy" endpoint, with a URL parameter that includes the {%InteractionURL%} placeholder. This placeholder represents the interaction URL that the Vidoc platform will replace with a valid value during scanning.
The module includes a matching condition that checks if the "interactsh_protocol" part contains the word "http", meaning the interaction URL received an HTTP request made by the target server. If this condition is met, the module will report a vulnerability.
Here is an example of the HTTP request sent by the module:
GET /wp-json/oembed/1.0/proxy?url=http://{%InteractionURL%}/ HTTP/1.1
Host: [target website]
The module will analyze the response and determine if the SSRF vulnerability exists based on the matching condition.
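For defenders, the request shown above leaves a recognizable trace in web server access logs. The Python below is an added example, not part of the Vidoc module or of WordPress: it scans combined-format log lines for calls to the oEmbed proxy endpoint and labels the destination given in the url parameter. The log lines, the allow-list and the function names are constructed for illustration, and it also covers the ?rest_route= form of the same REST route, which goes beyond the single request shown on this page.

```python
import ipaddress
import re
from urllib.parse import parse_qs, unquote, urlsplit

PROXY_ROUTE = "/oembed/1.0/proxy"
REQ = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3}) ', re.M)
# Constructed sample lines in combined log format, not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2024:10:01:02 +0000] "GET /wp-json/oembed/1.0/proxy?url=http://c1abc.oast.example/ HTTP/1.1" 401 112 "-" "scanner"
198.51.100.7 - - [12/Mar/2024:10:01:05 +0000] "GET /wp-json/oembed/1.0/proxy?url=http%3A%2F%2F10.0.0.5%2Fadmin HTTP/1.1" 200 0 "-" "curl/8.0"
203.0.113.9 - - [12/Mar/2024:10:02:11 +0000] "GET /wp-json/oembed/1.0/embed?url=https://blog.example/post HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2024:10:02:30 +0000] "GET /?rest_route=%2Foembed%2F1.0%2Fproxy&url=http%3A%2F%2Flocalhost%3A8080%2F HTTP/1.1" 200 0 "-" "curl/8.0"
203.0.113.9 - - [12/Mar/2024:10:03:40 +0000] "GET /wp-json/oembed/1.0/proxy?url=https://www.youtube.com/watch?v=x HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

def classify_target(url, allowed_hosts):
    """Label the destination that the proxy endpoint was asked to fetch."""
    try:
        host = (urlsplit(url).hostname or "").lower()
    except ValueError:  # e.g. unbalanced IPv6 brackets
        host = ""
    if not host:
        return "", "malformed"
    try:
        return host, "unexpected" if ipaddress.ip_address(host).is_global else "internal"
    except ValueError:
        pass  # not an IP literal, so treat it as a DNS name
    if host == "localhost" or "." not in host:
        return host, "internal"
    allowed = any(host == a or host.endswith("." + a) for a in allowed_hosts)
    return host, "allowed" if allowed else "unexpected"

def find_proxy_requests(log_text, allowed_hosts):
    """Return (client, status, target_host, label) per oEmbed proxy request."""
    hits = []
    for client, target, status in REQ.findall(log_text):
        path, _, qs = target.partition("?")
        query = parse_qs(qs)  # also percent-decodes the values
        # WordPress also serves REST routes via ?rest_route= (plain permalinks).
        rest_route = query.get("rest_route", [""])[0].rstrip("/")
        if not (unquote(path).rstrip("/").endswith("/wp-json" + PROXY_ROUTE)
                or rest_route == PROXY_ROUTE):
            continue
        url = query.get("url", [""])[0]
        hits.append((client, int(status), *classify_target(url, allowed_hosts)))
    return hits

if __name__ == "__main__":  # youtube.com is an assumed allow-list entry
    print(*find_proxy_requests(SAMPLE_LOG, {"youtube.com"}), sep="\n")
```

Requests labelled "internal" or "unexpected" are the ones worth correlating with outbound connections from the web server around the same timestamp.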
Metadata: max-request: 1
Reference
- https://book.hacktricks.xyz/pentesting/pentesting-web/wordpress
- https://github.com/incogbyte/quickpress/blob/master/core/req.go