Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

WordPress Readme File

By kannthu

Informative
Vidoc logoVidoc Module
#exposure#wordpress#wp#readme#files
Description

What is the "WordPress Readme File?"

The "WordPress Readme File" module is designed to detect the presence of the WordPress readme file on a website. The readme file is a standard file that provides information about the WordPress installation, including the version number and other details. This module focuses on identifying the presence of the readme file and does not perform any vulnerability or misconfiguration checks. It is an informative module with low severity.

Author: tess

Impact

This module does not have any direct impact on the website's security or functionality. It simply provides information about the presence of the WordPress readme file, which can be useful for understanding the WordPress installation and version.

How does the module work?

The "WordPress Readme File" module sends HTTP requests to specific paths commonly associated with the WordPress readme file, such as "/readme.html", "/wp/readme.html", and "/blog/wp/readme.html". It then applies matching conditions to determine if the file exists and if the response status is 200 (OK).

Matching conditions:

- The response body must contain the phrase "WordPress › ReadMe". - The response status must be 200 (OK).

If both conditions are met, the module considers the WordPress readme file to be present on the website.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/readme.html/wp/readme.html/blog/wp/readme.html
Matching conditions
word: WordPress › ReadMeand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability