Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

NSE Script to Check for Content Injection in Wordpress

From: Vinamra Bhatia <vinamrabhatia8 () gmail com>
Date: Sun, 19 Mar 2017 01:54:13 +0530
Hello all,
I saw the latest vulnerability in WordPress Version 4.7.0 and 4.7.1
websites which use REST API(This API is enabled by default in these
versions). The vulnerability allows any visitor to update the posts.
Since Wordpress is very common and some of the sites I went through havent
been updated yet, so I contributed to this NSE Script.
The Github link for the Pull Request regarding the same.
https://github.com/nmap/nmap/pull/775
I would really appreciate the comments on this Script.

Best Regards,
Vinamra Bhatia
CS Sophomore
BITS Pilani

Attachment: http-wordpress-contentinjection.nse
Description: 

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: