Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

WordPress Plugin lifterlms Listing

By kannthu

Vidoc logoVidoc Module

What is the "WordPress Plugin lifterlms Listing?"

The "WordPress Plugin lifterlms Listing" module is designed to detect sensitive directories present in the lifterlms plugin. LifterLMS is a popular WordPress plugin used for creating and managing online courses. This module focuses on identifying potential misconfigurations or vulnerabilities within the lifterlms plugin.

Severity: Informative

Author: pussycat0x


This module aims to identify any sensitive directories that may be exposed in the lifterlms plugin. The presence of such directories could potentially lead to unauthorized access or information disclosure, depending on the specific misconfiguration or vulnerability found.

How does the module work?

The module sends an HTTP GET request to the "/wp-content/plugins/lifterlms/" path of the target WordPress website. It then applies two matching conditions to determine if the response indicates the presence of sensitive directories:

    - The response body contains the phrase "Index of" and "/wp-content/plugins/lifterlms/". - The response status code is 200 (OK).

If both conditions are met, the module considers the presence of sensitive directories within the lifterlms plugin as detected.

Example HTTP request:

GET /wp-content/plugins/lifterlms/ HTTP/1.1

Note: The actual HTTP request may contain additional headers or parameters depending on the configuration of the Vidoc platform.

Metadata: max-request: 1


Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: Index of, /wp-content/plugins/lifterlms/and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability