Nmap Development mailing list archives
NSE Script to Check for Content Injection in Wordpress
From: Vinamra Bhatia <vinamrabhatia8 () gmail com>
Date: Sun, 19 Mar 2017 01:54:13 +0530
Hello all, I saw the latest vulnerability in WordPress Version 4.7.0 and 4.7.1 websites which use REST API(This API is enabled by default in these versions). The vulnerability allows any visitor to update the posts. Since Wordpress is very common and some of the sites I went through havent been updated yet, so I contributed to this NSE Script. The Github link for the Pull Request regarding the same. https://github.com/nmap/nmap/pull/775 I would really appreciate the comments on this Script. Best Regards, Vinamra Bhatia CS Sophomore BITS Pilani
Attachment:
http-wordpress-contentinjection.nse
Description:
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NSE Script to Check for Content Injection in Wordpress Vinamra Bhatia (Mar 18)