Wordpress Plugin Issuu Panel Remote/Local File Inclusion

What is the "Wordpress Plugin Issuu Panel Remote/Local File Inclusion?"

The "Wordpress Plugin Issuu Panel Remote/Local File Inclusion" module is designed to detect a vulnerability in the WordPress Issuu Plugin. This vulnerability allows unauthenticated attackers to disclose the content of both local and remote files. The severity of this vulnerability is classified as high, with a CVSS score of 8.6.

This module was authored by 0x_Akoko.

Impact

If exploited, this vulnerability can lead to the unauthorized disclosure of sensitive information stored in local and remote files. Attackers can potentially access confidential data, such as user credentials or system configuration files, which can be used for further malicious activities.

How the module works?

The module sends an HTTP GET request to the following path: /wp-content/plugins/issuu-panel/menu/documento/requests/ajax-docs.php?abspath=%2Fetc%2Fpasswd. This request attempts to disclose the content of the /etc/passwd file.

The module includes two matching conditions:

- Regex Matcher: This condition checks if the response contains the string root:[x*]:0:0. If this string is found, it indicates that the content of the /etc/passwd file has been successfully disclosed. - Status Matcher: This condition checks if the HTTP response status is 200. If the status is 200, it confirms that the request was successful.

If both matching conditions are met, the module reports a vulnerability.