
Commit 5262a76

Land #14728, Update WPVDB link type
2 parents debe424 + f9e8ac8 commit 5262a76


4 files changed

+6
-4
lines changed


documentation/modules/auxiliary/admin/http/wp_gdpr_compliance_privesc.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
## Description
22

3-
This module exploits the [Wordpress GDPR compliance plugin](https://wordpress.org/plugins/wp-gdpr-compliance/) lack of validation ([WPVDB 9144](https://wpvulndb.com/vulnerabilities/9144)), which affects versions 1.4.2 and lower.
3+
This module exploits the [Wordpress GDPR compliance plugin](https://wordpress.org/plugins/wp-gdpr-compliance/) lack of validation ([WPVDB 9144](https://wpscan.com/vulnerability/9144)), which affects versions 1.4.2 and lower.
44

55
When a user triggers GDPR-related actions, Wordpress's `admin-ajax.php` is called but fails to do validation and capacity checks regarding the asked actions. This leads to any unauthenticated user being able to modify any arbitrary settings on the targeted server.
66

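Review bot: while this file is being touched, the unchanged context line 5 still reads "capacity checks" where the WordPress concept is capability checks (the `current_user_can` permission model), and both the changed line and line 5 spell the product "Wordpress" rather than "WordPress"; fixing those two wording slips in the same commit would avoid a second documentation-only change. The URL swap itself looks right and matches the new `site` format in lib/msf/core/module/reference.rb.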
lib/msf/core/module/reference.rb

+1-1
Original file line numberDiff line numberDiff line change
@@ -111,7 +111,7 @@ def initialize(in_ctx_id = 'Unknown', in_ctx_val = '')
111111
elsif in_ctx_id == 'ZDI'
112112
self.site = "http://www.zerodayinitiative.com/advisories/ZDI-#{in_ctx_val}"
113113
elsif in_ctx_id == 'WPVDB'
114-
self.site = "https://wpvulndb.com/vulnerabilities/#{in_ctx_val}"
114+
self.site = "https://wpscan.com/vulnerability/#{in_ctx_val}"
115115
elsif in_ctx_id == 'PACKETSTORM'
116116
self.site = "https://packetstormsecurity.com/files/#{in_ctx_val}"
117117
elsif in_ctx_id == 'URL'
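Review bot: `in_ctx_val` is interpolated into the URL without any shape check, and this commit widens what msftidy accepts for WPVDB from plain digits to digits or a UUID; a short comment on the `WPVDB` branch saying that both forms are valid identifiers would keep this builder and the tidy check from drifting apart, since nothing in this file otherwise documents the accepted formats. Note also that the neighbouring `ZDI` branch still emits `http://` while the new WPVDB URL is `https://`; not part of this change, but worth a follow-up.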

tools/dev/msftidy.rb

+3-1
Original file line numberDiff line numberDiff line change
@@ -180,7 +180,7 @@ def check_ref_identifiers
180180
when 'ZDI'
181181
warn("Invalid ZDI reference") if value !~ /^\d{2}-\d{3,4}$/
182182
when 'WPVDB'
183-
warn("Invalid WPVDB reference") if value !~ /^\d+$/
183+
warn("Invalid WPVDB reference") if value !~ /^\d+$/ and value !~ /^[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}?$/
184184
when 'PACKETSTORM'
185185
warn("Invalid PACKETSTORM reference") if value !~ /^\d+$/
186186
when 'URL'
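Review bot: the trailing `?` in `[0-9a-fA-F]{12}?$` makes the fixed-count quantifier lazy, which for an exact `{12}` is a no-op, so it reads as a typo and should be dropped; the intended pattern is `/^[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$/`. Also, `and` in the `if` modifier works here but the rest of this method uses `&&`-style operators; using `&&` keeps precedence obvious and matches the project's Ruby style. Consider a one-line comment stating that WPVDB identifiers are either the legacy numeric IDs or the new UUID form, since the regex alone does not say why two shapes are accepted.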
@@ -196,6 +196,8 @@ def check_ref_identifiers
196196
warn("Please use 'US-CERT-VU' for '#{value}'")
197197
elsif value =~ /^https?:\/\/wpvulndb\.com\/vulnerabilities\//
198198
warn("Please use 'WPVDB' for '#{value}'")
199+
elsif value =~ /^https?:\/\/wpscan\.com\/vulnerability\//
200+
warn("Please use 'WPVDB' for '#{value}'")
199201
elsif value =~ /^https?:\/\/(?:[^\.]+\.)?packetstormsecurity\.(?:com|net|org)\//
200202
warn("Please use 'PACKETSTORM' for '#{value}'")
201203
end
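Review bot: the new `wpscan.com/vulnerability/` branch has a body identical to the `wpvulndb.com/vulnerabilities/` branch above it; collapsing both into one alternation such as `elsif value =~ /^https?:\/\/(?:wpvulndb\.com\/vulnerabilities|wpscan\.com\/vulnerability)\//` avoids duplicating the warning text and keeps the two hosts visibly paired. Keeping the old host in the check is correct, since existing modules that still carry a raw `wpvulndb.com` URL should be nudged to the `WPVDB` reference type rather than silently pass.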

tools/modules/module_reference.rb

+1-1
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ def types
3535
'EDB' => 'http://www.exploit-db.com/exploits/#{in_ctx_val}',
3636
'US-CERT-VU' => 'http://www.kb.cert.org/vuls/id/#{in_ctx_val}',
3737
'ZDI' => 'http://www.zerodayinitiative.com/advisories/ZDI-#{in_ctx_val}',
38-
'WPVDB' => 'https://wpvulndb.com/vulnerabilities/#{in_ctx_val}',
38+
'WPVDB' => 'https://wpscan.com/vulnerability/#{in_ctx_val}',
3939
'PACKETSTORM' => 'https://packetstormsecurity.com/files/#{in_ctx_val}',
4040
'URL' => '#{in_ctx_val}'
4141
}
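Review bot: this `types` table is a hand-maintained copy of the `site` mapping in lib/msf/core/module/reference.rb, and this commit had to update both in lockstep; it would be safer for this tool to derive the URL templates from the core class so a future reference-type change cannot update one and miss the other. As with the core file, the `EDB`, `US-CERT-VU` and `ZDI` entries here are still `http://` while the updated `WPVDB` entry is `https://`.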
