Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

WordPress Plugin Idx Broker Platinum Listing

By kannthu

Informative
Vidoc logoVidoc Module
#plugin#edb#wordpress#listing
Description

What is the "WordPress Plugin Idx Broker Platinum Listing?"

The "WordPress Plugin Idx Broker Platinum Listing" module is designed to detect sensitive directories present in the idx-broker-platinum plugin. This plugin is used in WordPress websites for listing purposes. The severity of this module is informative, meaning it provides valuable information but does not pose a direct security threat. The original author of this module is pussycat0x.

Impact

This module does not directly impact the website's security. Instead, it helps identify potential misconfigurations or vulnerabilities in the idx-broker-platinum plugin, allowing website owners to take appropriate actions to secure their site.

How does the module work?

The "WordPress Plugin Idx Broker Platinum Listing" module works by sending an HTTP GET request to the "/wp-content/plugins/idx-broker-platinum/" path of the WordPress website. It then applies two matching conditions to determine if sensitive directories are present:

    - The first matching condition checks if the response contains the words "Index of" and "wp-content/plugins/idx-broker-platinum/". - The second matching condition verifies if the response status is 200 (OK).

If both matching conditions are met, the module reports the presence of sensitive directories in the idx-broker-platinum plugin.

It's important to note that this module only performs a single test case and does not actively exploit any vulnerabilities or modify the website's configuration.

For more information, you can refer to the exploit-db.com page.

Metadata: max-request: 1

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/wp-content/plugins/...
Matching conditions
word: Index of, wp-content/plugins/idx-broker-...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability