Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "WordPress Plugin lifterlms Listing" module is designed to detect sensitive directories present in the lifterlms plugin. LifterLMS is a popular WordPress plugin used for creating and managing online courses. This module focuses on identifying potential misconfigurations or vulnerabilities within the lifterlms plugin.
Severity: Informative
Author: pussycat0x
This module aims to identify any sensitive directories that may be exposed in the lifterlms plugin. The presence of such directories could potentially lead to unauthorized access or information disclosure, depending on the specific misconfiguration or vulnerability found.
The module sends an HTTP GET request to the "/wp-content/plugins/lifterlms/" path of the target WordPress website. It then applies two matching conditions to determine if the response indicates the presence of sensitive directories:
If both conditions are met, the module considers the presence of sensitive directories within the lifterlms plugin as detected.
Example HTTP request:
GET /wp-content/plugins/lifterlms/ HTTP/1.1
Host: example.com
Note: The actual HTTP request may contain additional headers or parameters depending on the configuration of the Vidoc platform.
Metadata: max-request: 1
Reference: https://www.exploit-db.com/ghdb/6420