Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

WordPress super-forms Plugin Directory Listing

By kannthu

Vidoc logoVidoc Module

What is the "WordPress super-forms Plugin Directory Listing?"

The "WordPress super-forms Plugin Directory Listing" module is designed to detect sensitive directories present in the super-forms plugin for WordPress. It is a module used in the Vidoc platform to perform scanning for misconfigurations, vulnerabilities, or software fingerprinting. The severity of this module is classified as low.

This module was authored by pussycat0x.


This module helps identify potential security risks in the super-forms plugin for WordPress. By detecting sensitive directories, it can help prevent unauthorized access or information disclosure.

How does the module work?

The "WordPress super-forms Plugin Directory Listing" module works by sending an HTTP GET request to the "/wp-content/plugins/super-forms/" path of the target WordPress website. It then applies matching conditions to determine if the response indicates the presence of sensitive directories.

The matching conditions for this module are:

- The response body contains the phrase "Index of /wp-content/plugins/super-forms/". - The HTTP status code of the response is 200.

If both conditions are met, the module considers the target website to have a directory listing vulnerability in the super-forms plugin.

Here is an example of the HTTP request sent by the module:

GET /wp-content/plugins/super-forms/ HTTP/1.1
Host: [target website]

It is important to note that this module only performs one test case and focuses specifically on detecting directory listing vulnerabilities in the super-forms plugin for WordPress.

For more information, you can refer to the reference.


- Max requests: 1

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: Index of /wp-content/plugins/super-forms...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability