diff --git a/http/cves/2014/CVE-2014-4577.yaml b/http/cves/2014/CVE-2014-4577.yaml index d10508c5b5b..a058f2a4ab0 100644 --- a/http/cves/2014/CVE-2014-4577.yaml +++ b/http/cves/2014/CVE-2014-4577.yaml @@ -15,15 +15,15 @@ info: cvss-score: 5 cve-id: CVE-2014-4577 cwe-id: CWE-22 + cpe: cpe:2.3:a:websupporter:wp_amasin_-_the_amazon_affiliate_shop:*:*:*:*:*:wordpress:*:* epss-score: 0.00847 epss-percentile: 0.82512 - cpe: cpe:2.3:a:websupporter:wp_amasin_-_the_amazon_affiliate_shop:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 vendor: websupporter - product: wp_amasin_-_the_amazon_affiliate_shop + product: "wp_amasin_-_the_amazon_affiliate_shop" framework: wordpress publicwww-query: "/wp-content/plugins/wp-amasin-the-amazon-affiliate-shop/" + max-request: 2 tags: cve,cve2014,wordpress,wpscan,wp-plugin,lfi,wp,wp-amasin-the-amazon-affiliate-shop flow: http(1) && http(2) diff --git a/http/cves/2014/CVE-2014-4941.yaml b/http/cves/2014/CVE-2014-4941.yaml index 7a420ce331e..1600cd19705 100644 --- a/http/cves/2014/CVE-2014-4941.yaml +++ b/http/cves/2014/CVE-2014-4941.yaml @@ -15,15 +15,15 @@ info: cvss-score: 5 cve-id: CVE-2014-4941 cwe-id: CWE-22 + cpe: cpe:2.3:a:cross-rss_plugin_project:wp-cross-rss:1.7:*:*:*:*:wordpress:*:* epss-score: 0.00845 epss-percentile: 0.82498 - cpe: cpe:2.3:a:cross-rss_plugin_project:wp-cross-rss:1.7:*:*:*:*:wordpress:*:* metadata: - verified: true - max-request: 1 - vendor: cross-rss_plugin_project - product: wp-cross-rss + max-request: 2 + vendor: "cross-rss_plugin_project" + product: "wp-cross-rss" framework: wordpress + verified: true tags: cve,cve2014,wp-cross-rss,wordpress,wp-plugin,lfi,wp flow: http(1) && http(2) diff --git a/http/cves/2014/CVE-2014-5181.yaml b/http/cves/2014/CVE-2014-5181.yaml index f1bd86392d0..c9e0fd302a0 100644 --- a/http/cves/2014/CVE-2014-5181.yaml +++ b/http/cves/2014/CVE-2014-5181.yaml @@ -11,13 +11,14 @@ info: cvss-score: 5 cve-id: CVE-2014-5181 cwe-id: CWE-22 + cpe: cpe:2.3:a:last.fm_rotation_plugin_project:lastfm-rotation_plugin:1.0:*:*:*:*:wordpress:*:* epss-score: 0.00845 epss-percentile: 0.82498 - cpe: cpe:2.3:a:last.fm_rotation_plugin_project:lastfm-rotation_plugin:1.0:*:*:*:*:wordpress:*:* metadata: - vendor: last.fm_rotation_plugin_project - product: lastfm-rotation_plugin + vendor: "last.fm_rotation_plugin_project" + product: "lastfm-rotation_plugin" framework: wordpress + max-request: 2 tags: wpscan,cve,cve2014,wp-cross-rss,wordpress,wp-plugin,lfi,wp,lastfm-rotation flow: http(1) && http(2) diff --git a/http/cves/2014/CVE-2014-5187.yaml b/http/cves/2014/CVE-2014-5187.yaml index 59835679afb..2cd18110891 100644 --- a/http/cves/2014/CVE-2014-5187.yaml +++ b/http/cves/2014/CVE-2014-5187.yaml @@ -14,16 +14,16 @@ info: cvss-score: 5 cve-id: CVE-2014-5187 cwe-id: CWE-22 + cpe: cpe:2.3:a:tom_m8te_plugin_project:tom-m8te_plugin:1.5.3:*:*:*:*:wordpress:*:* epss-score: 0.00845 epss-percentile: 0.82498 - cpe: cpe:2.3:a:tom_m8te_plugin_project:tom-m8te_plugin:1.5.3:*:*:*:*:wordpress:*:* metadata: - verified: true - max-request: 1 - vendor: tom_m8te_plugin_project - product: tom-m8te_plugin + vendor: "tom_m8te_plugin_project" + product: "tom-m8te_plugin" framework: wordpress publicwww-query: "/wp-content/plugins/tom-m8te/" + verified: true + max-request: 2 tags: wpscan,cve,cve2014,wp-cross-rss,wordpress,wp-plugin,lfi,wp,tom-m8te flow: http(1) && http(2) diff --git a/http/cves/2014/CVE-2014-6271.yaml b/http/cves/2014/CVE-2014-6271.yaml index 9a85264765e..e292e503aaa 100644 --- a/http/cves/2014/CVE-2014-6271.yaml +++ b/http/cves/2014/CVE-2014-6271.yaml @@ -5,26 +5,26 @@ info: author: pentest_swissky,0xelkomy severity: critical description: GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka ShellShock. - impact: | - Remote code execution can lead to unauthorized access, data theft, and system compromise. - remediation: | - Apply the necessary patches and updates provided by the vendor to fix the vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2014-6271 - https://nvd.nist.gov/vuln/detail/CVE-2014-7169 - http://www.kb.cert.org/vuls/id/252743 - http://www.us-cert.gov/ncas/alerts/TA14-268A - http://advisories.mageia.org/MGASA-2014-0388.html + impact: | + Remote code execution can lead to unauthorized access, data theft, and system compromise. + remediation: | + Apply the necessary patches and updates provided by the vendor to fix the vulnerability. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2014-6271 cwe-id: CWE-78 + cpe: cpe:2.3:a:gnu:bash:1.14.0:*:*:*:*:*:*:* epss-score: 0.97559 epss-percentile: 0.99998 - cpe: cpe:2.3:a:gnu:bash:1.14.0:*:*:*:*:*:*:* metadata: - max-request: 8 + max-request: 9 vendor: gnu product: bash tags: cve2014,cve,rce,shellshock,kev,gnu diff --git a/http/cves/2017/CVE-2017-3131.yaml b/http/cves/2017/CVE-2017-3131.yaml index 0874c804741..9e631492afa 100644 --- a/http/cves/2017/CVE-2017-3131.yaml +++ b/http/cves/2017/CVE-2017-3131.yaml @@ -6,28 +6,26 @@ info: severity: medium description: | A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.4.0 through 5.4.4 and 5.6.0 allows attackers to execute unauthorized code or commands via the filter input in "Applications" under FortiView. + reference: + - https://www.exploit-db.com/exploits/42388 + - https://nvd.nist.gov/vuln/detail/CVE-2017-3131 impact: | Successful exploitation could lead to execution of malicious javascript. remediation: | Apply the latest security patches or upgrade to new version to mitigate the XSS vulnerability. - reference: - - https://www.exploit-db.com/exploits/42388 - - https://nvd.nist.gov/vuln/detail/CVE-2017-3131 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2017-3131 cwe-id: CWE-79 + cpe: cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.15636 - cpe: cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:* metadata: + max-request: 2 vendor: fortinet product: fortios - shodan-query: - - http.html:"/remote/login" "xxxxxxxx" - - http.favicon.hash:945408572 - - cpe:"cpe:2.3:o:fortinet:fortios" + shodan-query: '[http.html:"/remote/login" "xxxxxxxx" http.favicon.hash:945408572 cpe:"cpe:2.3:o:fortinet:fortios"]' tags: cve,cve2017,fortinet,fortios,xss,authenticated http: diff --git a/http/cves/2017/CVE-2017-3132.yaml b/http/cves/2017/CVE-2017-3132.yaml index ec8bc357f82..8c5aa2e790b 100644 --- a/http/cves/2017/CVE-2017-3132.yaml +++ b/http/cves/2017/CVE-2017-3132.yaml @@ -6,28 +6,26 @@ info: severity: medium description: | A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to Execute unauthorized code or commands via the action input during the activation of a FortiToken. + reference: + - https://www.exploit-db.com/exploits/42388 + - https://nvd.nist.gov/vuln/detail/CVE-2017-3132 impact: | Successful exploitation could lead to execution of malicious javascript. remediation: | Apply the latest security patches or upgrade to new version to mitigate the XSS vulnerability. - reference: - - https://www.exploit-db.com/exploits/42388 - - https://nvd.nist.gov/vuln/detail/CVE-2017-3132 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-3132 cwe-id: CWE-79 + cpe: cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.15636 - cpe: cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:* metadata: vendor: fortinet product: fortios - shodan-query: - - http.html:"/remote/login" "xxxxxxxx" - - http.favicon.hash:945408572 - - cpe:"cpe:2.3:o:fortinet:fortios" + shodan-query: '[http.html:"/remote/login" "xxxxxxxx" http.favicon.hash:945408572 cpe:"cpe:2.3:o:fortinet:fortios"]' + max-request: 1 tags: cve,cve2017,fortinet,fortios,xss http: diff --git a/http/cves/2017/CVE-2017-3133.yaml b/http/cves/2017/CVE-2017-3133.yaml index 9e9f753be2b..b82981a3d03 100644 --- a/http/cves/2017/CVE-2017-3133.yaml +++ b/http/cves/2017/CVE-2017-3133.yaml @@ -6,28 +6,26 @@ info: severity: medium description: | A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN. + reference: + - https://www.exploit-db.com/exploits/42388 + - https://nvd.nist.gov/vuln/detail/CVE-2017-3133 impact: | Successful exploitation could lead to execution of malicious javascript. remediation: | Apply the latest security patches or upgrade to new version to mitigate the XSS vulnerability. - reference: - - https://www.exploit-db.com/exploits/42388 - - https://nvd.nist.gov/vuln/detail/CVE-2017-3133 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-3133 cwe-id: CWE-79 + cpe: cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.15636 - cpe: cpe:2.3:o:fortinet:fortios:5.4.0:*:*:*:*:*:*:* metadata: vendor: fortinet product: fortios - shodan-query: - - http.html:"/remote/login" "xxxxxxxx" - - http.favicon.hash:945408572 - - cpe:"cpe:2.3:o:fortinet:fortios" + shodan-query: '[http.html:"/remote/login" "xxxxxxxx" http.favicon.hash:945408572 cpe:"cpe:2.3:o:fortinet:fortios"]' + max-request: 3 tags: cve,cve2017,fortinet,fortios,xss,authenticated http: diff --git a/http/cves/2017/CVE-2017-5871.yaml b/http/cves/2017/CVE-2017-5871.yaml index 2938ea79fc7..b0137b41931 100644 --- a/http/cves/2017/CVE-2017-5871.yaml +++ b/http/cves/2017/CVE-2017-5871.yaml @@ -6,13 +6,13 @@ info: severity: medium description: | An Open Redirect vulnerability in Odoo versions <= 8.0-20160726 and 9.0. This issue allows an attacker to redirect users to untrusted sites via a crafted URL. + reference: + - https://sysdream.com/cve-2017-5871-odoo-url-redirection-to/ + - https://nvd.nist.gov/vuln/detail/CVE-2017-5871 impact: | Successful exploitation can redirect users to malicious sites, potentially leading to phishing attacks or information theft. remediation: | Update Odoo to the latest patched version provided by the vendor. - reference: - - https://sysdream.com/cve-2017-5871-odoo-url-redirection-to/ - - https://nvd.nist.gov/vuln/detail/CVE-2017-5871 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N cvss-score: 5.4 @@ -21,7 +21,7 @@ info: cpe: cpe:2.3:a:odoo:odoo:8.0:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 3 shodan-query: title:"Odoo" product: odoo vendor: odoo diff --git a/http/cves/2019/CVE-2019-0232.yaml b/http/cves/2019/CVE-2019-0232.yaml index b351f19157b..a30687e5b9b 100644 --- a/http/cves/2019/CVE-2019-0232.yaml +++ b/http/cves/2019/CVE-2019-0232.yaml @@ -17,22 +17,16 @@ info: cvss-score: 8.1 cve-id: CVE-2019-0232 cwe-id: CWE-78 + cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* epss-score: 0.97373 epss-percentile: 0.99927 - cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: + fofa-query: '[body="jk status manager" body="apache tomcat" title="apache tomcat"]' + google-query: intitle:"apache tomcat" + max-request: 1 vendor: apache product: tomcat - shodan-query: - - http.html:"apache tomcat" - - http.title:"apache tomcat" - - http.html:"jk status manager" - - cpe:"cpe:2.3:a:apache:tomcat" - fofa-query: - - body="jk status manager" - - body="apache tomcat" - - title="apache tomcat" - google-query: intitle:"apache tomcat" + shodan-query: '[http.html:"apache tomcat" http.title:"apache tomcat" http.html:"jk status manager" cpe:"cpe:2.3:a:apache:tomcat"]' tags: cve,cve2019,packetstorm,seclists,apache,tomcat variables: diff --git a/http/cves/2019/CVE-2019-8943.yaml b/http/cves/2019/CVE-2019-8943.yaml index 27933f91535..372e2e21cc7 100644 --- a/http/cves/2019/CVE-2019-8943.yaml +++ b/http/cves/2019/CVE-2019-8943.yaml @@ -17,16 +17,15 @@ info: cvss-score: 6.5 cve-id: CVE-2019-8943 cwe-id: CWE-22 + cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* epss-score: 0.92778 epss-percentile: 0.99097 - cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* metadata: + max-request: 18 verified: true vendor: wordpress product: wordpress - shodan-query: - - http.component:"wordpress" - - cpe:"cpe:2.3:a:wordpress:wordpress" + shodan-query: '[http.component:"wordpress" cpe:"cpe:2.3:a:wordpress:wordpress"]' fofa-query: body="oembed" && body="wp-" tags: cve,cve2019,wordpress,rce,intrusive,authenticated,packetstorm,wp-theme diff --git a/http/cves/2020/CVE-2020-10189.yaml b/http/cves/2020/CVE-2020-10189.yaml index 52960fb2c26..4852a8995fe 100644 --- a/http/cves/2020/CVE-2020-10189.yaml +++ b/http/cves/2020/CVE-2020-10189.yaml @@ -6,31 +6,28 @@ info: severity: critical description: | Zoho ManageEngine Desktop Central before 10.0.474 is vulnerable to a deserialization of untrusted data, which permits remote code execution. - remediation: | - Apply updates per vendor instructions. reference: - https://nvd.nist.gov/vuln/detail/CVE-2020-10189 - https://blog.reconinfosec.com/analysis-of-exploitation-cve-2020-10189 - https://www.manageengine.com/products/desktop-central/remote-code-execution-vulnerability.html - https://y4er.com/posts/cve-2020-10189-zoho-manageengine-rce/ - https://cwe.mitre.org/data/definitions/502.html + remediation: | + Apply updates per vendor instructions. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-10189 cwe-id: CWE-502 + cpe: cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:*:*:*:* epss-score: 0.97206 epss-percentile: 0.99826 - cpe: cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: zohocorp - product: manageengine_desktop_central - fofa-query: - - body="manageengine desktop central 10" - - title="manageengine desktop central 10" - - app="zoho-manageengine-desktop" + product: "manageengine_desktop_central" + fofa-query: '[body="manageengine desktop central 10" title="manageengine desktop central 10" app="zoho-manageengine-desktop"]' shodan-query: http.title:"manageengine desktop central 10" google-query: intitle:"manageengine desktop central 10" tags: cve,cve2020,kev,zoho,manageengine,deserialization,intrusive diff --git a/http/cves/2020/CVE-2020-28429.yaml b/http/cves/2020/CVE-2020-28429.yaml index 889cdeb0a1a..815ecd8e7fb 100644 --- a/http/cves/2020/CVE-2020-28429.yaml +++ b/http/cves/2020/CVE-2020-28429.yaml @@ -6,27 +6,27 @@ info: severity: critical description: | Detects command injection vulnerability by checking if `hacked.txt` is created and contains the expected content. - impact: | - Successful exploitation of this vulnerability could result in unauthorized access, remote code execution, privilege escalation - remediation: | - Do not use geojson2kml. There is no fixed version for geojson2kml. reference: - https://snyk.io/vuln/SNYK-JS-GEOJSON2KML-1050412 - https://github.com/advisories/GHSA-w83x-fp72-p9qc - https://nvd.nist.gov/vuln/detail/CVE-2020-28429 + impact: | + Successful exploitation of this vulnerability could result in unauthorized access, remote code execution, privilege escalation + remediation: | + Do not use geojson2kml. There is no fixed version for geojson2kml. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-28429 cwe-id: CWE-78 + cpe: cpe:2.3:a:geojson2kml_project:geojson2kml:*:*:*:*:*:node.js:*:* epss-score: 0.01897 epss-percentile: 0.8876 - cpe: cpe:2.3:a:geojson2kml_project:geojson2kml:*:*:*:*:*:node.js:*:* metadata: - max-request: 1 - vendor: geojson2kml_project product: geojson2kml - framework: node.js + framework: "node.js" + max-request: 2 + vendor: "geojson2kml_project" tags: cve,cve2020,rce,geojson2kml,file-upload,intrusive variables: diff --git a/http/cves/2021/CVE-2021-24274.yaml b/http/cves/2021/CVE-2021-24274.yaml index fc4cbd75e85..74fccc53a55 100644 --- a/http/cves/2021/CVE-2021-24274.yaml +++ b/http/cves/2021/CVE-2021-24274.yaml @@ -5,28 +5,28 @@ info: author: DhiyaneshDK severity: medium description: WordPress Supsystic Ultimate Maps plugin before 1.2.5 contains an unauthenticated reflected cross-site scripting vulnerability due to improper sanitization of the tab parameter on the options page before outputting it in an attribute. - impact: | - Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into the affected website, potentially leading to session hijacking, defacement, or theft of sensitive information. - remediation: | - Update the WordPress Supsystic Ultimate Maps plugin to version 1.2.5 or later to mitigate the vulnerability. reference: - https://wpscan.com/vulnerability/200a3031-7c42-4189-96b1-bed9e0ab7c1d - http://packetstormsecurity.com/files/164316/WordPress-Ultimate-Maps-1.2.4-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2021-24274 - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/ARPSyndicate/cvemon + impact: | + Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into the affected website, potentially leading to session hijacking, defacement, or theft of sensitive information. + remediation: | + Update the WordPress Supsystic Ultimate Maps plugin to version 1.2.5 or later to mitigate the vulnerability. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24274 cwe-id: CWE-79 + cpe: cpe:2.3:a:supsystic:ultimate_maps:*:*:*:*:*:wordpress:*:* epss-score: 0.00201 epss-percentile: 0.56972 - cpe: cpe:2.3:a:supsystic:ultimate_maps:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 + max-request: 2 vendor: supsystic - product: ultimate_maps + product: "ultimate_maps" framework: wordpress tags: cve2021,cve,wpscan,packetstorm,wordpress,wp-plugin,maps,supsystic,xss diff --git a/http/cves/2021/CVE-2021-24891.yaml b/http/cves/2021/CVE-2021-24891.yaml index 8cc87d469de..b4460b398fd 100644 --- a/http/cves/2021/CVE-2021-24891.yaml +++ b/http/cves/2021/CVE-2021-24891.yaml @@ -6,25 +6,25 @@ info: severity: medium description: | WordPress Elementor Website Builder plugin before 3.1.4 contains a DOM cross-site scripting vulnerability. It does not sanitize or escape user input appended to the DOM via a malicious hash. - impact: | - Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to potential data theft, session hijacking, or defacement of the affected website. - remediation: | - Update WordPress Elementor Website Builder to version 3.1.4 or later to mitigate this vulnerability. reference: - https://www.jbelamor.com/xss-elementor-lightox.html - https://wpscan.com/vulnerability/fbed0daa-007d-4f91-8d87-4bca7781de2d - https://nvd.nist.gov/vuln/detail/CVE-2021-24891 - https://github.com/ARPSyndicate/kenzer-templates + impact: | + Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to potential data theft, session hijacking, or defacement of the affected website. + remediation: | + Update WordPress Elementor Website Builder to version 3.1.4 or later to mitigate this vulnerability. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24891 cwe-id: CWE-79 + cpe: cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:* epss-score: 0.00116 epss-percentile: 0.45236 - cpe: cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:* metadata: - max-request: 3 + max-request: 2 vendor: elementor product: "website_builder" framework: wordpress diff --git a/http/cves/2021/CVE-2021-43831.yaml b/http/cves/2021/CVE-2021-43831.yaml index 6413d759a19..f4d37d3ab3a 100644 --- a/http/cves/2021/CVE-2021-43831.yaml +++ b/http/cves/2021/CVE-2021-43831.yaml @@ -6,26 +6,27 @@ info: severity: high description: | Files on the host computer can be accessed from the Gradio interface + reference: + - https://github.com/gradio-app/gradio/security/advisories/GHSA-rhq2-3vr9-6mcr + - https://github.com/gradio-app/gradio/commit/41bd3645bdb616e1248b2167ca83636a2653f781 impact: | An attacker would be able to view the contents of a file on the computer. remediation: | Update to version 2.5.0. - reference: - - https://github.com/gradio-app/gradio/security/advisories/GHSA-rhq2-3vr9-6mcr - - https://github.com/gradio-app/gradio/commit/41bd3645bdb616e1248b2167ca83636a2653f781 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N cvss-score: 7.7 cve-id: CVE-2021-43831 cwe-id: CWE-22 + cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:* epss-score: 0.00063 epss-percentile: 0.26511 - cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:* metadata: - vendor: gradio_project + vendor: "gradio_project" product: gradio framework: python shodan-query: title:"Gradio" + max-request: 2 tags: cve,cve2021,lfi,gradio http: diff --git a/http/cves/2022/CVE-2022-24637.yaml b/http/cves/2022/CVE-2022-24637.yaml index 1fa944ed174..09eafa90c85 100644 --- a/http/cves/2022/CVE-2022-24637.yaml +++ b/http/cves/2022/CVE-2022-24637.yaml @@ -17,14 +17,14 @@ info: cvss-score: 9.8 cve-id: CVE-2022-24637 cwe-id: CWE-269 + cpe: cpe:2.3:a:openwebanalytics:open_web_analytics:*:*:*:*:*:*:*:* epss-score: 0.84852 epss-percentile: 0.98585 - cpe: cpe:2.3:a:openwebanalytics:open_web_analytics:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 6 + max-request: 9 vendor: openwebanalytics - product: open_web_analytics + product: "open_web_analytics" shodan-query: cpe:"cpe:2.3:a:openwebanalytics:open_web_analytics" tags: cve,cve2022,packetstorm,rce,intrusive,open-web-analytics diff --git a/http/cves/2022/CVE-2022-27043.yaml b/http/cves/2022/CVE-2022-27043.yaml index 4fa92bca134..407e76f8560 100644 --- a/http/cves/2022/CVE-2022-27043.yaml +++ b/http/cves/2022/CVE-2022-27043.yaml @@ -15,12 +15,12 @@ info: cvss-score: 7.5 cve-id: CVE-2022-27043 cwe-id: CWE-22 + cpe: cpe:2.3:a:yearning:yearning:*:*:*:*:*:*:*:* epss-score: 0.00238 epss-percentile: 0.62311 - cpe: cpe:2.3:a:yearning:yearning:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: yearning product: yearning fofa-query: app="Yearning" diff --git a/http/cves/2022/CVE-2022-35914.yaml b/http/cves/2022/CVE-2022-35914.yaml index 698c9ff15a8..c741fb49497 100644 --- a/http/cves/2022/CVE-2022-35914.yaml +++ b/http/cves/2022/CVE-2022-35914.yaml @@ -6,10 +6,6 @@ info: severity: critical description: | GLPI through 10.0.2 is susceptible to remote command execution injection in /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module. - impact: | - Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the target system. - remediation: | - Upgrade GLPI to a version higher than 10.0.2 to mitigate this vulnerability. reference: - https://mayfly277.github.io/posts/GLPI-htmlawed-CVE-2022-35914 - https://github.com/cosad3s/CVE-2022-35914-poc @@ -18,26 +14,26 @@ info: - https://github.com/glpi-project/glpi/releases - https://senderend.medium.com/pg-practice-box-deep-dive-glpi-c3a1cf1520f8 - https://github.com/allendemoura/CVE-2022-35914 + impact: | + Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the target system. + remediation: | + Upgrade GLPI to a version higher than 10.0.2 to mitigate this vulnerability. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-35914 cwe-id: CWE-74 + cpe: cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:* epss-score: 0.97399 epss-percentile: 0.99914 - cpe: cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - vendor: glpi-project + max-request: 3 + vendor: "glpi-project" product: glpi - shodan-query: - - http.favicon.hash:"-1474875778" - - http.title:"glpi" - fofa-query: - - icon_hash="-1474875778" - - title="glpi" + shodan-query: '[http.favicon.hash:"-1474875778" http.title:"glpi"]' + fofa-query: '[icon_hash="-1474875778" title="glpi"]' google-query: intitle:"glpi" + verified: true tags: cve,cve2022,glpi,rce,kev,glpi-project variables: cmd: "cat+/etc/passwd" diff --git a/http/cves/2023/CVE-2023-0676.yaml b/http/cves/2023/CVE-2023-0676.yaml index 9ed5ee0928e..27eb8a891f4 100644 --- a/http/cves/2023/CVE-2023-0676.yaml +++ b/http/cves/2023/CVE-2023-0676.yaml @@ -6,22 +6,23 @@ info: severity: medium description: | Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1. + reference: + - https://huntr.dev/bounties/b72d4f0c-8a96-4b40-a031-7d469c6ab93b + - https://nvd.nist.gov/vuln/detail/CVE-2023-0676 impact: | Allows attackers to execute malicious scripts in the context of a user's browser session. remediation: | Update phpipam/phpipam to the latest version to patch the vulnerability. - reference: - - https://huntr.dev/bounties/b72d4f0c-8a96-4b40-a031-7d469c6ab93b - - https://nvd.nist.gov/vuln/detail/CVE-2023-0676 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-0676 cwe-id: CWE-79 + cpe: cpe:2.3:a:phpipam:phpipam:*:*:*:*:*:*:*:* epss-score: 0.00059 epss-percentile: 0.24112 - cpe: cpe:2.3:a:phpipam:phpipam:*:*:*:*:*:*:*:* metadata: + max-request: 2 vendor: phpipam product: phpipam shodan-query: html:"phpIPAM IP address management" diff --git a/http/cves/2023/CVE-2023-1315.yaml b/http/cves/2023/CVE-2023-1315.yaml index e5bbc0c825c..a4e873cc5a0 100644 --- a/http/cves/2023/CVE-2023-1315.yaml +++ b/http/cves/2023/CVE-2023-1315.yaml @@ -6,23 +6,23 @@ info: severity: medium description: | Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. + reference: + - https://huntr.com/bounties/70a7fd8c-7e6f-4a43-9f8c-163b8967b16e + - https://nvd.nist.gov/vuln/detail/CVE-2023-1315 impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to potential data theft or unauthorized actions. remediation: | Upgrade osTicket to later version to mitigate this vulnerability. - reference: - - https://huntr.com/bounties/70a7fd8c-7e6f-4a43-9f8c-163b8967b16e - - https://nvd.nist.gov/vuln/detail/CVE-2023-1315 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-1315 cwe-id: CWE-79 + cpe: cpe:2.3:a:osticket:osticket:*:*:*:*:*:*:*:* epss-score: 0.00058 epss-percentile: 0.25661 - cpe: cpe:2.3:a:osticket:osticket:*:*:*:*:*:*:*:* metadata: - max-request: 3 + max-request: 5 vendor: osticket product: osticket shodan-query: title:"osTicket" diff --git a/http/cves/2023/CVE-2023-1318.yaml b/http/cves/2023/CVE-2023-1318.yaml index 60f6ca64752..6521574e02e 100644 --- a/http/cves/2023/CVE-2023-1318.yaml +++ b/http/cves/2023/CVE-2023-1318.yaml @@ -6,23 +6,23 @@ info: severity: medium description: | Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6. + reference: + - https://huntr.com/bounties/e58b38e0-4897-4bb0-84e8-a7ad8efab338 + - https://nvd.nist.gov/vuln/detail/CVE-2023-1318 impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to potential data theft or unauthorized actions. remediation: | Upgrade osTicket to later version to mitigate this vulnerability. - reference: - - https://huntr.com/bounties/e58b38e0-4897-4bb0-84e8-a7ad8efab338 - - https://nvd.nist.gov/vuln/detail/CVE-2023-1318 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-1318 cwe-id: CWE-79 + cpe: cpe:2.3:a:osticket:osticket:*:*:*:*:*:*:*:* epss-score: 0.00058 epss-percentile: 0.25661 - cpe: cpe:2.3:a:osticket:osticket:*:*:*:*:*:*:*:* metadata: - max-request: 7 + max-request: 11 vendor: osticket product: osticket shodan-query: title:"osTicket" diff --git a/http/cves/2023/CVE-2023-27641.yaml b/http/cves/2023/CVE-2023-27641.yaml index f6e2b0d8a2b..e4eea11bb4a 100644 --- a/http/cves/2023/CVE-2023-27641.yaml +++ b/http/cves/2023/CVE-2023-27641.yaml @@ -6,26 +6,27 @@ info: severity: medium description: | The REPORT (after z but before a) parameter in wa.exe in L-Soft LISTSERV 16.5 before 17 allows an attacker to conduct XSS attacks via a crafted URL. + reference: + - https://github.com/hosakauk/exploits/blob/master/listserv_report_xss.MD + - https://nvd.nist.gov/vuln/detail/CVE-2023-27641 impact: | Successful exploitation could lead to unauthorized access or data theft. remediation: | Update to the latest version of L-Soft LISTSERV to mitigate the XSS vulnerability. - reference: - - https://github.com/hosakauk/exploits/blob/master/listserv_report_xss.MD - - https://nvd.nist.gov/vuln/detail/CVE-2023-27641 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-27641 cwe-id: CWE-79 + cpe: cpe:2.3:a:lsoft:listserv:*:*:*:*:*:*:*:* epss-score: 0.00068 epss-percentile: 0.28723 - cpe: cpe:2.3:a:lsoft:listserv:*:*:*:*:*:*:*:* metadata: vendor: lsoft product: listserv shodan-query: http.html:"LISTSERV" fofa-query: body="listserv" + max-request: 1 tags: cve2023,cve,xss,listserv,edb,lsoft http: diff --git a/http/cves/2023/CVE-2023-27847.yaml b/http/cves/2023/CVE-2023-27847.yaml index 71e13809b10..dcfaa7cb56f 100644 --- a/http/cves/2023/CVE-2023-27847.yaml +++ b/http/cves/2023/CVE-2023-27847.yaml @@ -6,11 +6,11 @@ info: severity: critical description: | In the blog module (xipblog), an anonymous user can perform SQL injection. Even though the module has been patched in version 2.0.1, the version number was not incremented at the time. - impact: | - Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized accessand data leakage. reference: - https://security.friendsofpresta.org/modules/2023/03/23/xipblog.html - https://nvd.nist.gov/vuln/detail/CVE-2023-27847 + impact: | + Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized accessand data leakage. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -19,11 +19,11 @@ info: epss-score: 0.04685 epss-percentile: 0.91818 metadata: - verified: true - max-request: 2 - framework: prestashop shodan-query: html:"/xipblog" fofa-query: app="Prestashop" + verified: true + max-request: 3 + framework: prestashop tags: time-based-sqli,cve,cve2023,prestashop,sqli,xipblog flow: http(1) && http(2) diff --git a/http/cves/2023/CVE-2023-29204.yaml b/http/cves/2023/CVE-2023-29204.yaml index 31623a826ef..eba1a7202d1 100644 --- a/http/cves/2023/CVE-2023-29204.yaml +++ b/http/cves/2023/CVE-2023-29204.yaml @@ -6,29 +6,29 @@ info: severity: medium description: | XWiki Commons are technical libraries common to several other top level XWiki projects. It is possible to bypass the existing security measures put in place to avoid open redirect by using a redirect such as `//mydomain.com` (i.e. omitting the `http:`). It was also possible to bypass it when using URL such as `http:/mydomain.com`. The problem has been patched on XWiki 13.10.10, 14.4.4 and 14.8RC1. - impact: | - An attacker can redirect users to malicious websites, leading to phishing attacks or malware downloads. - remediation: | - Implement proper input validation and sanitize user-controlled input to prevent open redirect vulnerabilities. reference: - https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xwph-x6xj-wggv - https://jira.xwiki.org/browse/XWIKI-10309 - https://jira.xwiki.org/browse/XWIKI-19994 - https://nvd.nist.gov/vuln/detail/CVE-2023-29204 + impact: | + An attacker can redirect users to malicious websites, leading to phishing attacks or malware downloads. + remediation: | + Implement proper input validation and sanitize user-controlled input to prevent open redirect vulnerabilities. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-29204 cwe-id: CWE-601 + cpe: cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:* epss-score: 0.00094 epss-percentile: 0.39237 - cpe: cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:* metadata: - max-request: 1 + fofa-query: body="data-xwiki-reference" + max-request: 2 vendor: xwiki product: xwiki shodan-query: html:"data-xwiki-reference" - fofa-query: body="data-xwiki-reference" tags: cve,cve2023,xwiki,redirect http: diff --git a/http/cves/2023/CVE-2023-3380.yaml b/http/cves/2023/CVE-2023-3380.yaml index 072919787b0..dc2f4d12fff 100644 --- a/http/cves/2023/CVE-2023-3380.yaml +++ b/http/cves/2023/CVE-2023-3380.yaml @@ -15,13 +15,14 @@ info: cvss-score: 9.8 cve-id: CVE-2023-3380 cwe-id: CWE-74 + cpe: cpe:2.3:o:wavlink:wn579x3_firmware:*:*:*:*:*:*:*:* epss-score: 0.00064 epss-percentile: 0.26519 - cpe: cpe:2.3:o:wavlink:wn579x3_firmware:*:*:*:*:*:*:*:* metadata: vendor: wavlink - product: wn579x3_firmware + product: "wn579x3_firmware" shodan-query: http.html:"Wavlink" + max-request: 2 tags: cve,cve2023,wavlink,rce flow: http(1) && http(2) diff --git a/http/cves/2023/CVE-2023-35155.yaml b/http/cves/2023/CVE-2023-35155.yaml index d5e11ea7067..5e169647450 100644 --- a/http/cves/2023/CVE-2023-35155.yaml +++ b/http/cves/2023/CVE-2023-35155.yaml @@ -6,26 +6,27 @@ info: severity: medium description: | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Users are able to forge an URL with a payload allowing to inject Javascript in the page (XSS). + reference: + - https://jira.xwiki.org/browse/XWIKI-20370 + - https://nvd.nist.gov/vuln/detail/CVE-2023-35155 impact: | Successful exploitation could lead to unauthorized access to sensitive information or account takeover remediation: | Apply the latest security patches provided by XWiki to mitigate the vulnerability - reference: - - https://jira.xwiki.org/browse/XWIKI-20370 - - https://nvd.nist.gov/vuln/detail/CVE-2023-35155 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-35155 cwe-id: CWE-79 + cpe: cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.15636 - cpe: cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:* metadata: + fofa-query: body="data-xwiki-reference" + max-request: 1 vendor: xwiki product: xwiki shodan-query: html:"data-xwiki-reference" - fofa-query: body="data-xwiki-reference" tags: cve,cve2023,xwiki,xss http: diff --git a/http/cves/2023/CVE-2023-3578.yaml b/http/cves/2023/CVE-2023-3578.yaml index 7c4f332ccb3..a88d38dbcd7 100644 --- a/http/cves/2023/CVE-2023-3578.yaml +++ b/http/cves/2023/CVE-2023-3578.yaml @@ -6,26 +6,27 @@ info: severity: critical description: | Manipulation of the rssurl parameter in co_do.php leads to server-side request forgery in DedeCMS version 5.7.109. + reference: + - https://github.com/nightcloudos/cve/blob/main/SSRF.md + - https://nvd.nist.gov/vuln/detail/CVE-2023-3578 impact: | Successful exploitation could lead to sensitive data exposure, server-side request forgery, and potential server compromise. remediation: | Apply the vendor-supplied patch or update to a non-vulnerable version of DedeCMS. - reference: - - https://github.com/nightcloudos/cve/blob/main/SSRF.md - - https://nvd.nist.gov/vuln/detail/CVE-2023-3578 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-3578 cwe-id: CWE-918 + cpe: cpe:2.3:a:dedecms:dedecms:5.7.109:*:*:*:*:*:*:* epss-score: 0.00063 epss-percentile: 0.26288 - cpe: cpe:2.3:a:dedecms:dedecms:5.7.109:*:*:*:*:*:*:* metadata: - vendor: dedecms product: dedecms shodan-query: http.html:"DedeCms" fofa-query: app="DedeCMS" + max-request: 2 + vendor: dedecms tags: cve,cve2023,dedecms,ssrf,oast flow: http(1) && http(2) diff --git a/http/cves/2023/CVE-2023-38194.yaml b/http/cves/2023/CVE-2023-38194.yaml index 46dad2ac69c..2b7cf13c0e4 100644 --- a/http/cves/2023/CVE-2023-38194.yaml +++ b/http/cves/2023/CVE-2023-38194.yaml @@ -6,23 +6,23 @@ info: severity: medium description: | An issue was discovered in SuperWebMailer 9.00.0.01710 that allows keepalive.php XSS via a GET parameter. + reference: + - https://herolab.usd.de/security-advisories/usd-2023-0013/ + - https://nvd.nist.gov/vuln/detail/CVE-2023-38194 impact: | Successful exploitation could allow an attacker to execute malicious scripts in the context of a user's browser, leading to potential data theft or account compromise. remediation: | Implement input validation and output encoding to prevent XSS attacks in the SuperWebMailer keepalive.php script. - reference: - - https://herolab.usd.de/security-advisories/usd-2023-0013/ - - https://nvd.nist.gov/vuln/detail/CVE-2023-38194 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-38194 cwe-id: CWE-79 + cpe: cpe:2.3:a:superwebmailer:superwebmailer:9.00.0.01710:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.15636 - cpe: cpe:2.3:a:superwebmailer:superwebmailer:9.00.0.01710:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 verified: true vendor: superwebmailer product: superwebmailer diff --git a/http/cves/2023/CVE-2023-40504.yaml b/http/cves/2023/CVE-2023-40504.yaml index 947ebcb9c7a..4e8ef5b99a4 100644 --- a/http/cves/2023/CVE-2023-40504.yaml +++ b/http/cves/2023/CVE-2023-40504.yaml @@ -19,10 +19,10 @@ info: epss-score: 0.00094 epss-percentile: 0.40471 metadata: - max-request: 1 + max-request: 4 verified: true vendor: lg - product: simple_editor + product: "simple_editor" fofa-query: icon_hash="159985907" tags: cve,cve2023,lg,simple-editor,intrusive,rce,file-upload diff --git a/http/cves/2023/CVE-2023-40755.yaml b/http/cves/2023/CVE-2023-40755.yaml index 157de65cd8d..c2a9553bb53 100644 --- a/http/cves/2023/CVE-2023-40755.yaml +++ b/http/cves/2023/CVE-2023-40755.yaml @@ -16,12 +16,12 @@ info: cwe-id: CWE-79 cpe: cpe:2.3:a:phpjabbers:callback_widget:1.0:*:*:*:*:*:*:* metadata: + product: "callback_widget" verified: true - max-request: 1 + max-request: 2 shodan-query: html:"PHPJabbers" fofa-query: body="PHPJabbers" vendor: phpjabbers - product: callback_widget tags: cve,cve2023,phpjabbers,callback-widget,xss flow: http(1) && http(2) diff --git a/http/cves/2023/CVE-2023-41599.yaml b/http/cves/2023/CVE-2023-41599.yaml index f5aa93a1b0c..c3b10b94b31 100644 --- a/http/cves/2023/CVE-2023-41599.yaml +++ b/http/cves/2023/CVE-2023-41599.yaml @@ -17,13 +17,14 @@ info: cvss-score: 5.3 cve-id: CVE-2023-41599 cwe-id: CWE-22 + cpe: cpe:2.3:a:jfinalcms_project:jfinalcms:5.0.0:*:*:*:*:*:*:* epss-score: 0.00047 epss-percentile: 0.17113 - cpe: cpe:2.3:a:jfinalcms_project:jfinalcms:5.0.0:*:*:*:*:*:*:* metadata: - vendor: jfinalcms_project + vendor: "jfinalcms_project" product: jfinalcms fofa-query: body="content=\"JreCms" + max-request: 1 tags: cve,cve2023,jrecms http: diff --git a/http/cves/2023/CVE-2023-43323.yaml b/http/cves/2023/CVE-2023-43323.yaml index 02309869807..1f5059ca271 100644 --- a/http/cves/2023/CVE-2023-43323.yaml +++ b/http/cves/2023/CVE-2023-43323.yaml @@ -6,31 +6,28 @@ info: severity: medium description: | mooSocial 3.1.8 is vulnerable to external service interaction via multiple parameters in the post function. - impact: | - An attacker can exploit this vulnerability to interact with external services. - remediation: | - Upgrade to a patched version of mooSocial to mitigate CVE-2023-43323. reference: - https://github.com/ahrixia/CVE-2023-43323 - https://github.com/nomi-sec/PoC-in-GitHub - https://nvd.nist.gov/vuln/detail/CVE-2023-43323 + impact: | + An attacker can exploit this vulnerability to interact with external services. + remediation: | + Upgrade to a patched version of mooSocial to mitigate CVE-2023-43323. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N cvss-score: 6.5 cve-id: CVE-2023-43323 + cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.15636 - cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: moosocial product: moostore - shodan-query: http.favicon.hash:702863115clear - fofa-query: - - mooSocial - - moosocial - - icon_hash="702863115" - tags: cve,cve2023,moosocial,oast + shodan-query: "http.favicon.hash:702863115clear" + fofa-query: '[mooSocial moosocial icon_hash="702863115"]' + tags: "cve,cve2023,moosocial,oast" flow: http(1) && http(2) diff --git a/http/cves/2023/CVE-2023-43472.yaml b/http/cves/2023/CVE-2023-43472.yaml index b4193e2ff8a..ea30dcf9d61 100644 --- a/http/cves/2023/CVE-2023-43472.yaml +++ b/http/cves/2023/CVE-2023-43472.yaml @@ -6,26 +6,27 @@ info: severity: high description: | An issue in MLFlow versions 2.8.1 and before allows a remote attacker to obtain sensitive information via a crafted request to REST API. + reference: + - https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security + - https://nvd.nist.gov/vuln/detail/CVE-2023-43472 impact: | An attacker can access sensitive information stored in MLFlow. remediation: | Upgrade MLFlow to a version that has patched CVE-2023-43472. - reference: - - https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security - - https://nvd.nist.gov/vuln/detail/CVE-2023-43472 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-43472 + cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* epss-score: 0.00116 epss-percentile: 0.45309 - cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true vendor: lfprojects product: mlflow shodan-query: http.title:"mlflow" fofa-query: app="MLflow" + max-request: 1 tags: cve,cve2023,mflow,exposure http: diff --git a/http/cves/2023/CVE-2023-43662.yaml b/http/cves/2023/CVE-2023-43662.yaml index 12c5dc0c1c2..98348fc0239 100644 --- a/http/cves/2023/CVE-2023-43662.yaml +++ b/http/cves/2023/CVE-2023-43662.yaml @@ -6,26 +6,27 @@ info: severity: high description: | ShokoServer is a media server which specializes in organizing anime. In affected versions the `/api/Image/WithPath` endpoint is accessible without authentication and is supposed to return default server images. The endpoint accepts the parameter `serverImagePath`, which is not sanitized in any way before being passed to `System.IO.File.OpenRead`, which results in an arbitrary file read. + reference: + - https://github.com/wy876/POC/blob/main/Ncast%E9%AB%98%E6%B8%85%E6%99%BA%E8%83%BD%E5%BD%95%E6%92%AD%E7%B3%BB%E7%BB%9F%E5%AD%98%E5%9C%A8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md + - https://github.com/ShokoAnime/ShokoServer/commit/6c57ba0f073d6be5a4f508c46c2ce36727cbce80 impact: | This issue may lead to an arbitrary file read which is exacerbated in the windows installer which installs the ShokoServer as administrator. Any unauthenticated attacker may be able to access sensitive information and read files stored on the server. remediation: | The `/api/Image/WithPath` endpoint has been removed in commit `6c57ba0f0` which will be included in subsequent releases. Users should limit access to the `/api/Image/WithPath` endpoint or manually patch their installations until a patched release is made. This issue was discovered by the GitHub Security lab and is also indexed as GHSL-2023-191. - reference: - - https://github.com/wy876/POC/blob/main/Ncast%E9%AB%98%E6%B8%85%E6%99%BA%E8%83%BD%E5%BD%95%E6%92%AD%E7%B3%BB%E7%BB%9F%E5%AD%98%E5%9C%A8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.md - - https://github.com/ShokoAnime/ShokoServer/commit/6c57ba0f073d6be5a4f508c46c2ce36727cbce80 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 cve-id: CVE-2023-43662 cwe-id: CWE-22 + cpe: cpe:2.3:a:shokoanime:shokoserver:*:*:*:*:*:*:*:* epss-score: 0.00089 epss-percentile: 0.38539 - cpe: cpe:2.3:a:shokoanime:shokoserver:*:*:*:*:*:*:*:* metadata: verified: true vendor: shokoanime product: shokoserver fofa-query: title="Shoko WEB UI" + max-request: 1 tags: cve,cve2023,shoko,web-aui,lfi http: diff --git a/http/cves/2023/CVE-2023-44393.yaml b/http/cves/2023/CVE-2023-44393.yaml index 1339946bef7..59f3acfdb10 100644 --- a/http/cves/2023/CVE-2023-44393.yaml +++ b/http/cves/2023/CVE-2023-44393.yaml @@ -6,25 +6,26 @@ info: severity: medium description: | Piwigo is vulnerable to a reflected XSS in the admin panel where the `plugin_id` parameter is not properly sanitized. + reference: + - https://github.com/Piwigo/Piwigo/security/advisories/GHSA-qg85-957m-7vgg + - https://nvd.nist.gov/vuln/detail/CVE-2023-44393 impact: | Successful exploitation could allow an attacker to execute malicious scripts in the context of the victim's browser. remediation: | Update Piwigo to the latest version to mitigate the reflected XSS vulnerability. - reference: - - https://github.com/Piwigo/Piwigo/security/advisories/GHSA-qg85-957m-7vgg - - https://nvd.nist.gov/vuln/detail/CVE-2023-44393 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-44393 cwe-id: CWE-79 + cpe: cpe:2.3:a:piwigo:piwigo:*:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.15636 - cpe: cpe:2.3:a:piwigo:piwigo:*:*:*:*:*:*:*:* metadata: + max-request: 2 vendor: piwigo product: piwigo - shodan-query: http.favicon.hash:540706145 + shodan-query: "http.favicon.hash:540706145" fofa-query: title="piwigo" tags: cve,cve2023,piwigo,xss,authenticated diff --git a/http/cves/2023/CVE-2023-46818.yaml b/http/cves/2023/CVE-2023-46818.yaml index 742fd14a37a..ccd2a805587 100644 --- a/http/cves/2023/CVE-2023-46818.yaml +++ b/http/cves/2023/CVE-2023-46818.yaml @@ -20,6 +20,7 @@ info: verified: true max-requests: 1 product: ispconfig + max-request: 6 tags: cve,cve2023,ispconfig,php,rce flow: http(1) && http(2) && http(3) && http(4) && http(5) && http(6) diff --git a/http/cves/2023/CVE-2023-51449.yaml b/http/cves/2023/CVE-2023-51449.yaml index 1423dcf9ff0..df092866636 100644 --- a/http/cves/2023/CVE-2023-51449.yaml +++ b/http/cves/2023/CVE-2023-51449.yaml @@ -15,17 +15,17 @@ info: cvss-score: 7.5 cve-id: CVE-2023-51449 cwe-id: CWE-22 + cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:* epss-score: 0.00064 epss-percentile: 0.27836 - cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:*:python:*:* metadata: + fofa-query: body="__gradio_mode__" verified: true - max-request: 2 - vendor: gradio_project + max-request: 4 + vendor: "gradio_project" product: gradio framework: python shodan-query: html:"__gradio_mode__" - fofa-query: body="__gradio_mode__" tags: cve,cve2024,lfi,gradio,unauth,intrusive variables: diff --git a/http/cves/2023/CVE-2023-5558.yaml b/http/cves/2023/CVE-2023-5558.yaml index 495bad474e8..ebd3791dc89 100644 --- a/http/cves/2023/CVE-2023-5558.yaml +++ b/http/cves/2023/CVE-2023-5558.yaml @@ -6,23 +6,23 @@ info: severity: medium description: | The LearnPress WordPress plugin before 4.2.5.5 does not sanitise and escape user input before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. + reference: + - https://wpscan.com/vulnerability/4efd2a4d-89bd-472f-ba5a-f9944fd4dd16/ + - https://nvd.nist.gov/vuln/detail/CVE-2023-5558 impact: | Allows attackers to execute malicious scripts in the context of the victim's browser. remediation: | Update LearnPress WordPress Plugin to the latest version to mitigate the vulnerability. - reference: - - https://wpscan.com/vulnerability/4efd2a4d-89bd-472f-ba5a-f9944fd4dd16/ - - https://nvd.nist.gov/vuln/detail/CVE-2023-5558 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-5558 cwe-id: CWE-79 + cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* epss-score: 0.00046 epss-percentile: 0.15636 - cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* metadata: - max-request: 6 + max-request: 9 vendor: thimpress product: learnpress framework: wordpress diff --git a/http/cves/2023/CVE-2023-5561.yaml b/http/cves/2023/CVE-2023-5561.yaml index a3094c09379..c8679fe5392 100644 --- a/http/cves/2023/CVE-2023-5561.yaml +++ b/http/cves/2023/CVE-2023-5561.yaml @@ -6,30 +6,28 @@ info: severity: medium description: | WordPress Core is vulnerable to Sensitive Information Exposure in versions between 4.7.0 and 6.3.1 via the User REST endpoint. While the search results do not display user email addresses unless the requesting user has the 'list_users' capability, the search is applied to the user_email column. - impact: | - This can allow unauthenticated attackers to brute force or verify the email addresses of users with published posts or pages on the site. reference: - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-core/wordpress-core-470-631-sensitive-information-exposure-via-user-search-rest-endpoint?asset_slug=wordpress - https://wpscan.com/vulnerability/19380917-4c27-4095-abf1-eba6f913b441/ - https://nvd.nist.gov/vuln/detail/CVE-2023-5561 + impact: | + This can allow unauthenticated attackers to brute force or verify the email addresses of users with published posts or pages on the site. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-5561 cwe-id: CWE-200 + cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* epss-score: 0.00072 epss-percentile: 0.32109 - cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 2 vendor: wordpress product: wordpress framework: wordpress - shodan-query: - - cpe:"cpe:2.3:a:wordpress:wordpress" - - http.component:"wordpress" + shodan-query: '[cpe:"cpe:2.3:a:wordpress:wordpress" http.component:"wordpress"]' fofa-query: body="oembed" && body="wp-" + verified: true + max-request: 3 tags: cve,cve2023,wpscan,disclosure,wp,wordpress,email,exposure flow: http(1) && http(2) diff --git a/http/cves/2023/CVE-2023-6329.yaml b/http/cves/2023/CVE-2023-6329.yaml index 6b75097a45e..96ead92b2d6 100644 --- a/http/cves/2023/CVE-2023-6329.yaml +++ b/http/cves/2023/CVE-2023-6329.yaml @@ -15,15 +15,15 @@ info: cvss-score: 9.8 cve-id: CVE-2023-6329 cwe-id: CWE-287 + cpe: cpe:2.3:a:controlid:idsecure:4.7.32.0:*:*:*:*:*:*:* epss-score: 0.02363 epss-percentile: 0.90025 - cpe: cpe:2.3:a:controlid:idsecure:4.7.32.0:*:*:*:*:*:*:* metadata: - verified: true - max-request: 3 vendor: controlid product: idsecure fofa-query: body="iDSecure" + verified: true + max-request: 4 tags: cve,cve2023,auth-bypass,idsecure,control-id,intrusive variables: diff --git a/http/cves/2024/CVE-2024-0939.yaml b/http/cves/2024/CVE-2024-0939.yaml index cf4110bf7c3..1fc15c47ab1 100644 --- a/http/cves/2024/CVE-2024-0939.yaml +++ b/http/cves/2024/CVE-2024-0939.yaml @@ -17,14 +17,14 @@ info: cvss-score: 9.8 cve-id: CVE-2024-0939 cwe-id: CWE-434 + cpe: cpe:2.3:o:byzoro:smart_s210_firmware:*:*:*:*:*:*:*:* epss-score: 0.00063 epss-percentile: 0.2659 - cpe: cpe:2.3:o:byzoro:smart_s210_firmware:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: byzoro - product: smart_s210_firmware + product: "smart_s210_firmware" fofa-query: body="Smart管理平台" tags: cve,cve2024,smart,file-upload,intrusive,rce diff --git a/http/cves/2024/CVE-2024-1561.yaml b/http/cves/2024/CVE-2024-1561.yaml index 7a26cbe5973..2ce58ae8817 100644 --- a/http/cves/2024/CVE-2024-1561.yaml +++ b/http/cves/2024/CVE-2024-1561.yaml @@ -6,10 +6,6 @@ info: severity: high description: | Local file read by calling arbitrary methods of Components class between Gradio versions 4.3-4.12 - impact: | - Successful exploitation of this vulnerability could allow an attacker to read files on the server - remediation: | - Update to Gradio 4.13.0 reference: - https://huntr.com/bounties/4acf584e-2fe8-490e-878d-2d9bf2698338 - https://github.com/DiabloHTB/CVE-2024-1561 @@ -17,20 +13,24 @@ info: - https://github.com/gradio-app/gradio/commit/24a583688046867ca8b8b02959c441818bdb34a2 - https://www.gradio.app/changelog#4-13-0 - https://www.horizon3.ai/attack-research/disclosures/exploiting-file-read-vulnerabilities-in-gradio-to-steal-secrets-from-hugging-face-spaces/ + impact: | + Successful exploitation of this vulnerability could allow an attacker to read files on the server + remediation: | + Update to Gradio 4.13.0 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-1561 cwe-id: CWE-29 + cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:python:*:*:* epss-score: 0.00087 epss-percentile: 0.36659 - cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:python:*:*:* metadata: verified: true - max-request: 2 + max-request: 4 shodan-query: html:"__gradio_mode__" product: gradio - vendor: gradio_project + vendor: "gradio_project" tags: cve,cve2024,intrusive,unauth,gradio,lfi,lfr http: diff --git a/http/cves/2024/CVE-2024-1728.yaml b/http/cves/2024/CVE-2024-1728.yaml index 72d1cb4ca4b..1ed48b06f05 100644 --- a/http/cves/2024/CVE-2024-1728.yaml +++ b/http/cves/2024/CVE-2024-1728.yaml @@ -6,14 +6,14 @@ info: severity: high description: | gradio-app/gradio is vulnerable to a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. - impact: | - Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in the request to the `/queue/join` endpoint. This issue could potentially lead to remote code execution. The vulnerability is present in the handling of file upload paths, allowing attackers to redirect file uploads to unintended locations on the server. - remediation: | - Update to version 4.19.2. reference: - https://github.com/gradio-app/gradio/commit/16fbe9cd0cffa9f2a824a0165beb43446114eec7 - https://huntr.com/bounties/9bb33b71-7995-425d-91cc-2c2a2f2a068a - https://nvd.nist.gov/vuln/detail/CVE-2024-1728 + impact: | + Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in the request to the `/queue/join` endpoint. This issue could potentially lead to remote code execution. The vulnerability is present in the handling of file upload paths, allowing attackers to redirect file uploads to unintended locations on the server. + remediation: | + Update to version 4.19.2. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 @@ -22,11 +22,11 @@ info: epss-score: 0.00044 epss-percentile: 0.10164 metadata: - max-request: 5 - verified: true vendor: gradio product: gradio shodan-query: html:"__gradio_mode__" + max-request: 6 + verified: true tags: cve,cve2024,lfi,gradio,intrusive http: diff --git a/http/cves/2024/CVE-2024-22207.yaml b/http/cves/2024/CVE-2024-22207.yaml index 2473376407e..36be82ba5bd 100644 --- a/http/cves/2024/CVE-2024-22207.yaml +++ b/http/cves/2024/CVE-2024-22207.yaml @@ -14,17 +14,16 @@ info: cvss-score: 5.3 cve-id: CVE-2024-22207 cwe-id: CWE-1188 + cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:node.js:*:* epss-score: 0.00052 epss-percentile: 0.21263 - cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:node.js:*:* metadata: - vendor: smartbear - product: swagger_ui - framework: node.js - shodan-query: - - http.component:"swagger" - - http.favicon.hash:"-1180440057" fofa-query: icon_hash="-1180440057" + max-request: 1 + vendor: smartbear + product: "swagger_ui" + framework: "node.js" + shodan-query: '[http.component:"swagger" http.favicon.hash:"-1180440057"]' tags: cve,cve2024,swagger-ui,exposure http: diff --git a/http/cves/2024/CVE-2024-2330.yaml b/http/cves/2024/CVE-2024-2330.yaml index b82166a64c1..ea2ba3c4444 100644 --- a/http/cves/2024/CVE-2024-2330.yaml +++ b/http/cves/2024/CVE-2024-2330.yaml @@ -20,8 +20,8 @@ info: epss-score: 0.00045 epss-percentile: 0.15866 metadata: - max-request: 2 - shodan-query: http.title:“NS-ASG” + max-request: 1 + shodan-query: "http.title:“NS-ASG”" fofa-query: app="网康科技-NS-ASG安全网关" tags: cve,cve2024,ns-asg,sqli diff --git a/http/cves/2024/CVE-2024-24565.yaml b/http/cves/2024/CVE-2024-24565.yaml index d007f6561b0..18edd2184a2 100644 --- a/http/cves/2024/CVE-2024-24565.yaml +++ b/http/cves/2024/CVE-2024-24565.yaml @@ -11,12 +11,12 @@ info: cvss-score: 6.5 cve-id: CVE-2024-24565 cwe-id: CWE-22 + cpe: cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:* epss-score: 0.0005 epss-percentile: 0.18617 - cpe: cpe:2.3:a:cratedb:cratedb:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 3 vendor: cratedb product: cratedb fofa-query: title="CrateDB" diff --git a/http/cves/2024/CVE-2024-24763.yaml b/http/cves/2024/CVE-2024-24763.yaml index 4be6a2a58b3..359d507121a 100644 --- a/http/cves/2024/CVE-2024-24763.yaml +++ b/http/cves/2024/CVE-2024-24763.yaml @@ -16,12 +16,10 @@ info: cwe-id: CWE-601 cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 3 vendor: fit2cloud product: jumpserver - fofa-query: - - title="JumpServer" - - title="jumpserver" + fofa-query: '[title="JumpServer" title="jumpserver"]' tags: cve2024,cve,jumpserver,redirect,fit2cloud,authenticated http: diff --git a/http/cves/2024/CVE-2024-24809.yaml b/http/cves/2024/CVE-2024-24809.yaml index bb579ce6152..c81ca5cff65 100644 --- a/http/cves/2024/CVE-2024-24809.yaml +++ b/http/cves/2024/CVE-2024-24809.yaml @@ -15,15 +15,15 @@ info: cvss-score: 8.5 cve-id: CVE-2024-24809 cwe-id: CWE-27 + cpe: cpe:2.3:a:traccar:traccar:*:*:*:*:*:*:*:* epss-score: 0.00043 epss-percentile: 0.09551 - cpe: cpe:2.3:a:traccar:traccar:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 + max-request: 7 shodan-query: html:"Traccar" product: traccar vendor: traccar + verified: true tags: cve,cve2024,traccar,rce,intrusive,file-upload variables: diff --git a/http/cves/2024/CVE-2024-25852.yaml b/http/cves/2024/CVE-2024-25852.yaml index de9a3818da0..efb1cf8294d 100644 --- a/http/cves/2024/CVE-2024-25852.yaml +++ b/http/cves/2024/CVE-2024-25852.yaml @@ -6,19 +6,19 @@ info: severity: high description: | Linksys RE7000 v2.0.9, v2.0.11, and v2.0.15 have a command execution vulnerability in the "AccessControlList" parameter of the access control function point - impact: An attacker can use the vulnerability to obtain device administrator rights. reference: - https://nvd.nist.gov/vuln/detail/CVE-2024-25852 - https://github.com/ZackSecurity/VulnerReport/blob/cve/Linksys/1.md - https://immense-mirror-b42.notion.site/Linksys-RE7000-command-injection-vulnerability-c1a47abf5e8d4dd0934d20d77da930bd + impact: An attacker can use the vulnerability to obtain device administrator rights. classification: epss-score: 0.00043 epss-percentile: 0.0866 metadata: - verified: true - max-request: 1 + max-request: 2 vendor: Linksys product: RE7000 + verified: true tags: cve,cve2024,unauth,injection variables: diff --git a/http/cves/2024/CVE-2024-29272.yaml b/http/cves/2024/CVE-2024-29272.yaml index 4ea9fd3dc68..4f973bd1c1d 100644 --- a/http/cves/2024/CVE-2024-29272.yaml +++ b/http/cves/2024/CVE-2024-29272.yaml @@ -16,15 +16,15 @@ info: cvss-score: 6.5 cve-id: CVE-2024-29272 cwe-id: CWE-434 + cpe: cpe:2.3:a:vvvebjs:vvvebjs:1.7.4:*:*:*:*:*:*:* epss-score: 0.00043 epss-percentile: 0.09538 - cpe: cpe:2.3:a:vvvebjs:vvvebjs:1.7.4:*:*:*:*:*:*:* metadata: + fofa-query: icon_hash="524332373" verified: true - max-request: 1 + max-request: 2 vendor: vvvebjs product: vvvebjs - fofa-query: icon_hash="524332373" tags: cve,cve2024,file-upload,intrusive variables: diff --git a/http/cves/2024/CVE-2024-34257.yaml b/http/cves/2024/CVE-2024-34257.yaml index 60d080c09a3..ae97cd18c47 100644 --- a/http/cves/2024/CVE-2024-34257.yaml +++ b/http/cves/2024/CVE-2024-34257.yaml @@ -14,8 +14,9 @@ info: epss-score: 0.00043 epss-percentile: 0.0926 metadata: + max-request: 2 vendor: totolink - product: a3700r_firmware + product: "a3700r_firmware" shodan-query: http.title:"totolink" fofa-query: title="totolink" google-query: intitle:"totolink" diff --git a/http/cves/2024/CVE-2024-34982.yaml b/http/cves/2024/CVE-2024-34982.yaml index 5507b44086c..a026054bbd4 100644 --- a/http/cves/2024/CVE-2024-34982.yaml +++ b/http/cves/2024/CVE-2024-34982.yaml @@ -13,11 +13,11 @@ info: classification: cpe: cpe:2.3:a:lylme:lylme_spage:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 vendor: lylme - product: lylme_spage + product: "lylme_spage" fofa-query: icon_hash="-282504889" + verified: true + max-request: 2 tags: cve,cve2024,lylme-spage,rce,intrusive variables: diff --git a/http/cves/2024/CVE-2024-3552.yaml b/http/cves/2024/CVE-2024-3552.yaml index 83cc69c60d3..1318f7ef978 100644 --- a/http/cves/2024/CVE-2024-3552.yaml +++ b/http/cves/2024/CVE-2024-3552.yaml @@ -6,17 +6,17 @@ info: severity: critical description: | The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. - remediation: Fixed in 1.7.0 reference: - https://vulners.com/wpvulndb/CVE-2024-3552 - https://wpscan.com/vulnerability/34b03ee4-de81-4fec-9f3d-e1bd5b94d136/ + remediation: Fixed in 1.7.0 classification: cpe: cpe:2.3:a:salephpscripts:web_directory_free:*:*:*:*:wordpress:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: salephpscripts - product: web_directory_free + product: "web_directory_free" publicwww-query: "/wp-content/plugins/web-directory-free" tags: time-based-sqli,cve,cve2024,wordpress,wp-plugin,wpscan,wp,web-directory-free flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-36401.yaml b/http/cves/2024/CVE-2024-36401.yaml index 6b13ce35820..8f61b355abd 100644 --- a/http/cves/2024/CVE-2024-36401.yaml +++ b/http/cves/2024/CVE-2024-36401.yaml @@ -6,23 +6,21 @@ info: severity: critical description: | In the GeoServer version prior to 2.25.1, 2.24.3 and 2.23.5 of GeoServer, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions. - impact: | - This vulnerability can lead to executing arbitrary code. reference: - https://x.com/sirifu4k1/status/1808270303275241607 - https://nvd.nist.gov/vuln/detail/CVE-2024-36401 - https://github.com/vulhub/vulhub/tree/master/geoserver/CVE-2024-36401 - https://github.com/advisories/GHSA-6jj6-gm7p-fcvv + impact: | + This vulnerability can lead to executing arbitrary code. metadata: - verified: true - max-request: 1 - vendor: osgeo product: geoserver shodan-query: "Server: GeoHttpServer" - fofa-query: - - title="geoserver" - - app="geoserver" + fofa-query: '[title="geoserver" app="geoserver"]' google-query: intitle:"geoserver" + verified: true + max-request: 2 + vendor: osgeo tags: cve,cve2024,geoserver,rce,unauth,kev flow: | diff --git a/http/cves/2024/CVE-2024-36683.yaml b/http/cves/2024/CVE-2024-36683.yaml index 0f51b0250ca..20b64735427 100644 --- a/http/cves/2024/CVE-2024-36683.yaml +++ b/http/cves/2024/CVE-2024-36683.yaml @@ -6,11 +6,11 @@ info: severity: critical description: | In the module 'Products Alert' (productsalert) up to version 1.7.4 from Smart Modules for PrestaShop, a guest can perform SQL injection in affected versions. - impact: | - Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized accessand data leakage. reference: - https://security.friendsofpresta.org/modules/2024/06/20/productsalert.html - https://nvd.nist.gov/vuln/detail/CVE-2024-36683 + impact: | + Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized accessand data leakage. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -19,11 +19,11 @@ info: epss-score: 0.04685 epss-percentile: 0.91818 metadata: - verified: true - max-request: 2 framework: prestashop shodan-query: html:"/productsalert" fofa-query: body="/productsalert" + verified: true + max-request: 3 tags: time-based-sqli,cve,cve2023,prestashop,sqli,productsalert flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-36991.yaml b/http/cves/2024/CVE-2024-36991.yaml index c5f957eb7ab..a2c2e1045d7 100644 --- a/http/cves/2024/CVE-2024-36991.yaml +++ b/http/cves/2024/CVE-2024-36991.yaml @@ -12,7 +12,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2024-36991 metadata: verified: true - max-request: 1 + max-request: 2 shodan-query: html:"Login | Splunk" tags: cve,cve2024,splunk,lfi diff --git a/http/cves/2024/CVE-2024-37032.yaml b/http/cves/2024/CVE-2024-37032.yaml index 9c239963a29..2822002ac84 100644 --- a/http/cves/2024/CVE-2024-37032.yaml +++ b/http/cves/2024/CVE-2024-37032.yaml @@ -13,11 +13,11 @@ info: classification: cpe: cpe:2.3:a:ollama:ollama:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 vendor: ollama product: ollama shodan-query: ollama + verified: true + max-request: 2 tags: cve,cve2024,ollama,rce http: diff --git a/http/cves/2024/CVE-2024-37393.yaml b/http/cves/2024/CVE-2024-37393.yaml index 4132913e7c2..6e8ee9f979b 100644 --- a/http/cves/2024/CVE-2024-37393.yaml +++ b/http/cves/2024/CVE-2024-37393.yaml @@ -10,9 +10,10 @@ info: - https://www.optistream.io/blogs/tech/securenvoy-cve-2024-37393 - https://securenvoy.com metadata: + fofa-query: title="SecurEnvoy" + max-request: 2 verified: true shodan-query: title:"SecurEnvoy" - fofa-query: title="SecurEnvoy" tags: cve,cve2024,securenvoy,ldap variables: diff --git a/http/cves/2024/CVE-2024-37843.yaml b/http/cves/2024/CVE-2024-37843.yaml index 9248f0419f5..1b1c47b8177 100644 --- a/http/cves/2024/CVE-2024-37843.yaml +++ b/http/cves/2024/CVE-2024-37843.yaml @@ -14,21 +14,16 @@ info: cvss-score: 9.8 cve-id: CVE-2024-37843 cwe-id: CWE-89 + cpe: cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:* epss-score: 0.00091 epss-percentile: 0.39447 - cpe: cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:* metadata: - vendor: craftcms - product: craft_cms - shodan-query: - - cpe:"cpe:2.3:a:craftcms:craft_cms" - - http.html:"craftcms" - - http.favicon.hash:"-47932290" - - "X-Powered-By: Craft CMS" - fofa-query: - - body=craftcms - - icon_hash=-47932290 + product: "craft_cms" + shodan-query: '[cpe:"cpe:2.3:a:craftcms:craft_cms" http.html:"craftcms" http.favicon.hash:"-47932290" X-Powered-By: Craft CMS]' + fofa-query: '[body=craftcms icon_hash=-47932290]' publicwww-query: craftcms + max-request: 1 + vendor: craftcms tags: cve,cve2024,craftcms,sqli variables: diff --git a/http/cves/2024/CVE-2024-37881.yaml b/http/cves/2024/CVE-2024-37881.yaml index e663772da3f..dfdf05d8323 100644 --- a/http/cves/2024/CVE-2024-37881.yaml +++ b/http/cves/2024/CVE-2024-37881.yaml @@ -13,7 +13,7 @@ info: - https://www.usom.gov.tr/bildirim/tr-24-0726 metadata: verified: true - max-request: 1 + max-request: 2 publicwww-query: "/wp-content/plugins/siteguard/" tags: cve,cve-2024,siteguard,wp-plugin diff --git a/http/cves/2024/CVE-2024-38472.yaml b/http/cves/2024/CVE-2024-38472.yaml index 0251de182fc..31feb53efbf 100644 --- a/http/cves/2024/CVE-2024-38472.yaml +++ b/http/cves/2024/CVE-2024-38472.yaml @@ -19,6 +19,8 @@ info: cwe-id: CWE-918 epss-score: 0.00043 epss-percentile: 0.09568 + metadata: + max-request: 1 tags: cve,cve2024,apache,ssrf,oast,httpd http: diff --git a/http/cves/2024/CVE-2024-38473.yaml b/http/cves/2024/CVE-2024-38473.yaml index 2038612a09b..749e7e2b2a7 100644 --- a/http/cves/2024/CVE-2024-38473.yaml +++ b/http/cves/2024/CVE-2024-38473.yaml @@ -6,26 +6,26 @@ info: severity: high description: | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. - remediation: | - Fixed in v2.4.60 reference: - https://blog.orange.tw/2024/08/confusion-attacks-en.html#%E2%9A%94%EF%B8%8F-Primitive-1-2-ACL-Bypass - https://www.cvedetails.com/cve/CVE-2024-38473/ - https://nvd.nist.gov/vuln/detail/CVE-2024-38473 - https://httpd.apache.org/security/vulnerabilities_24.html - https://security.netapp.com/advisory/ntap-20240712-0001/ + remediation: | + Fixed in v2.4.60 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H cvss-score: 8.1 cve-id: CVE-2024-38473 cwe-id: CWE-116 + cpe: cpe:/a:apache:http_server, cpe:/a:apache:httpd epss-score: 0.00043 epss-percentile: 0.09569 - cpe: cpe:/a:apache:http_server, cpe:/a:apache:httpd metadata: - max-request: 10 - vendor: Apache Software Foundation - product: Apache HTTP Server + max-request: 16 + vendor: "Apache Software Foundation" + product: "Apache HTTP Server" google-query: intitle:"Apache HTTP Server" inurl:"/server-status" tags: cve,cve2024,apache,acl-bypass,mod_proxy,php-fpm diff --git a/http/cves/2024/CVE-2024-38816.yaml b/http/cves/2024/CVE-2024-38816.yaml index 59df7c32055..65031829e95 100644 --- a/http/cves/2024/CVE-2024-38816.yaml +++ b/http/cves/2024/CVE-2024-38816.yaml @@ -17,6 +17,8 @@ info: cve-id: CVE-2024-38816 epss-score: 0.00043 epss-percentile: 0.09632 + metadata: + max-request: 1 tags: cve,cve2024,spring http: diff --git a/http/cves/2024/CVE-2024-39250.yaml b/http/cves/2024/CVE-2024-39250.yaml index c8471b23160..f46d5e156f4 100644 --- a/http/cves/2024/CVE-2024-39250.yaml +++ b/http/cves/2024/CVE-2024-39250.yaml @@ -18,6 +18,7 @@ info: vendor: efroTech product: timetrax fofa-query: icon_hash="-661694518" + max-request: 2 tags: cve,cve2024,sqli,timetrax flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-39713.yaml b/http/cves/2024/CVE-2024-39713.yaml index b516f6c2efe..9d90318cf20 100644 --- a/http/cves/2024/CVE-2024-39713.yaml +++ b/http/cves/2024/CVE-2024-39713.yaml @@ -15,15 +15,16 @@ info: cvss-score: 8.6 cve-id: CVE-2024-39713 cwe-id: CWE-918 + cpe: cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:* epss-score: 0.00087 epss-percentile: 0.37765 - cpe: cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:* metadata: - vendor: rocket.chat - product: rocket.chat shodan-query: http.title:"rocket.chat" fofa-query: title="rocket.chat" google-query: intitle:"rocket.chat" + max-request: 1 + vendor: "rocket.chat" + product: "rocket.chat" tags: cve,cve2024,hackerone,ssrf,oast,rocket-chat http: diff --git a/http/cves/2024/CVE-2024-39914.yaml b/http/cves/2024/CVE-2024-39914.yaml index 2df75fa51f6..68351d802b4 100644 --- a/http/cves/2024/CVE-2024-39914.yaml +++ b/http/cves/2024/CVE-2024-39914.yaml @@ -6,12 +6,12 @@ info: severity: critical description: | FOG is a cloning/imaging/rescue suite/inventory management system. Prior to 1.5.10.34, packages/web/lib/fog/reportmaker.class.php in FOG was affected by a command injection via the filename parameter to /fog/management/export.php. - remediation: Fixed in 1.5.10.34 reference: - https://nvd.nist.gov/vuln/detail/CVE-2024-39914 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39914 - https://github.com/FOGProject/fogproject/security/advisories/GHSA-7h44-6vq6-cq8j - https://blog.csdn.net/qq_39894062/article/details/140550009 + remediation: Fixed in 1.5.10.34 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -23,6 +23,7 @@ info: vendor: fogproject product: fogproject fofa-query: icon_hash="-1952619005" + max-request: 2 tags: cve,cve2024,rce,fog variables: diff --git a/http/cves/2024/CVE-2024-40422.yaml b/http/cves/2024/CVE-2024-40422.yaml index 6a5df380673..ffa0afa0082 100644 --- a/http/cves/2024/CVE-2024-40422.yaml +++ b/http/cves/2024/CVE-2024-40422.yaml @@ -17,11 +17,11 @@ info: cvss-score: 9.1 cve-id: CVE-2024-40422 cwe-id: CWE-22 + cpe: cpe:2.3:a:stitionai:devika:1.0:*:*:*:*:*:*:* epss-score: 0.0087 epss-percentile: 0.82513 - cpe: cpe:2.3:a:stitionai:devika:1.0:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: stitionai product: devika fofa-query: icon_hash="-1429839495" diff --git a/http/cves/2024/CVE-2024-41955.yaml b/http/cves/2024/CVE-2024-41955.yaml index 41422209253..27ae9f1fb61 100644 --- a/http/cves/2024/CVE-2024-41955.yaml +++ b/http/cves/2024/CVE-2024-41955.yaml @@ -6,24 +6,24 @@ info: severity: medium description: | Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. An open redirect vulnerability exist in MobSF authentication view. - impact: | - An attacker can exploit this vulnerability to redirect users to malicious websites, leading to potential phishing attacks. reference: - https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/fdaad81314f393d324c1ede79627e9d47986c8c8 - https://nvd.nist.gov/vuln/detail/CVE-2024-41955 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41955 - https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-8m9j-2f32-2vx4 + impact: | + An attacker can exploit this vulnerability to redirect users to malicious websites, leading to potential phishing attacks. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:N cvss-score: 5.2 cve-id: CVE-2024-41955 cwe-id: CWE-601 metadata: - max-request: 1 + max-request: 2 verified: true vendor: mobsf product: mobsf - fofa-query: "MobSF" + fofa-query: MobSF tags: cve,cve2024,open-redirect,mobsf,authenticated http: diff --git a/http/cves/2024/CVE-2024-4257.yaml b/http/cves/2024/CVE-2024-4257.yaml index 02866ee1c4c..fcab6ae670b 100644 --- a/http/cves/2024/CVE-2024-4257.yaml +++ b/http/cves/2024/CVE-2024-4257.yaml @@ -19,7 +19,7 @@ info: epss-percentile: 0.15929 metadata: verified: true - max-request: 1 + max-request: 2 fofa-query: app="LANWON-临床浏览系统" tags: time-based-sqli,cve,cve2024,sqli,blunet diff --git a/http/cves/2024/CVE-2024-43425.yaml b/http/cves/2024/CVE-2024-43425.yaml index c361118a78f..dce7ba7bae3 100644 --- a/http/cves/2024/CVE-2024-43425.yaml +++ b/http/cves/2024/CVE-2024-43425.yaml @@ -16,11 +16,11 @@ info: cve-id: CVE-2024-43425 cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 - shodan-query: title:"Moodle" product: moodle vendor: moodle + verified: true + max-request: 7 + shodan-query: title:"Moodle" tags: cve,cve2024,moodile,rce,authenticated flow: http(1) && http(2) && http(3) && http(4) && http(5) && http(6) diff --git a/http/cves/2024/CVE-2024-4439.yaml b/http/cves/2024/CVE-2024-4439.yaml index 3b0bf658a56..61263980398 100644 --- a/http/cves/2024/CVE-2024-4439.yaml +++ b/http/cves/2024/CVE-2024-4439.yaml @@ -6,11 +6,11 @@ info: severity: high description: | WordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due to insufficient output escaping on the display name. - impact: | - This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. In addition, it also makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that have the comment block present and display the comment author's avatar. reference: - https://nvd.nist.gov/vuln/detail/CVE-2024-4439 - https://www.cvedetails.com/cve/CVE-2024-4439/ + impact: | + This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. In addition, it also makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that have the comment block present and display the comment author's avatar. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 @@ -19,7 +19,7 @@ info: epss-score: 0.00064 epss-percentile: 0.28966 metadata: - max-request: 10 + max-request: 9 framework: wordpress tags: wpscan,xss,wp,wordpress,footnote,sxss,post diff --git a/http/cves/2024/CVE-2024-45195.yaml b/http/cves/2024/CVE-2024-45195.yaml index be9110d1d3a..5aa9a631250 100644 --- a/http/cves/2024/CVE-2024-45195.yaml +++ b/http/cves/2024/CVE-2024-45195.yaml @@ -6,29 +6,26 @@ info: severity: high description: | Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution on Linux and Windows. An attacker with no valid credentials can exploit missing view authorization checks in the web application to execute arbitrary code on the server - remediation: | - Users are recommended to upgrade to version 18.12.16, which fixes the issue. reference: - https://www.rapid7.com/blog/post/2024/09/05/cve-2024-45195-apache-ofbiz-unauthenticated-remote-code-execution-fixed/ - https://ofbiz.apache.org/download.html - https://nvd.nist.gov/vuln/detail/CVE-2024-45195 + remediation: | + Users are recommended to upgrade to version 18.12.16, which fixes the issue. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-45195 cwe-id: CWE-425 + cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* epss-score: 0.00045 epss-percentile: 0.16342 - cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: + fofa-query: '[app="apache_ofbiz" body="ofbiz"]' + max-request: 2 vendor: apache product: ofbiz - shodan-query: - - ofbiz.visitor= - - http.html:"ofbiz" - fofa-query: - - app="apache_ofbiz" - - body="ofbiz" + shodan-query: '[ofbiz.visitor= http.html:"ofbiz"]' tags: cve,cve2024,apache,ofbiz,rce,instrusive variables: diff --git a/http/cves/2024/CVE-2024-45241.yaml b/http/cves/2024/CVE-2024-45241.yaml index 9ac148cb1b8..0b8daf1329d 100644 --- a/http/cves/2024/CVE-2024-45241.yaml +++ b/http/cves/2024/CVE-2024-45241.yaml @@ -17,7 +17,7 @@ info: cpe: cpe:2.3:a:centralsquare:crywolf:2024-08-09:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: centralsquare product: crywolf fofa-query: "False Alarm Reduction Website" diff --git a/http/cves/2024/CVE-2024-45488.yaml b/http/cves/2024/CVE-2024-45488.yaml index 3350706ffcd..e451cb37462 100644 --- a/http/cves/2024/CVE-2024-45488.yaml +++ b/http/cves/2024/CVE-2024-45488.yaml @@ -19,9 +19,9 @@ info: epss-score: 0.00043 epss-percentile: 0.09691 metadata: - verified: true - max-request: 1 shodan-query: html:"Safeguard for Privileged Passwords" + verified: true + max-request: 2 tags: cve,cve2024,auth-bypass,safeguard code: - engine: diff --git a/http/cves/2024/CVE-2024-45507.yaml b/http/cves/2024/CVE-2024-45507.yaml index 8c181ad6e08..f8cd39bb6fe 100644 --- a/http/cves/2024/CVE-2024-45507.yaml +++ b/http/cves/2024/CVE-2024-45507.yaml @@ -6,8 +6,6 @@ info: severity: critical description: | Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution on Linux and Windows. An attacker with no valid credentials can exploit missing view authorization checks in the web application to execute arbitrary code on the server - remediation: | - Users are recommended to upgrade to version 18.12.16, which fixes the issue. reference: - https://xz.aliyun.com/t/15569 - https://x.com/chybeta/status/1833184898913636424 @@ -15,23 +13,22 @@ info: - https://ofbiz.apache.org/download.html - https://github.com/advisories/GHSA-w8w4-463p-8pg7 - https://github.com/vulhub/vulhub/tree/master/ofbiz/CVE-2024-45507 + remediation: | + Users are recommended to upgrade to version 18.12.16, which fixes the issue. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2024-45507 cwe-id: CWE-918 + cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* epss-score: 0.00514 epss-percentile: 0.7714 - cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: - vendor: apache product: ofbiz - shodan-query: - - ofbiz.visitor= - - http.html:"ofbiz" - fofa-query: - - app="apache_ofbiz" - - body="ofbiz" + shodan-query: '[ofbiz.visitor= http.html:"ofbiz"]' + fofa-query: '[app="apache_ofbiz" body="ofbiz"]' + max-request: 1 + vendor: apache tags: cve,cve2024,apache,obiz,rce,oast variables: diff --git a/http/cves/2024/CVE-2024-4577.yaml b/http/cves/2024/CVE-2024-4577.yaml index 32da3174a55..6ff55abfe9c 100644 --- a/http/cves/2024/CVE-2024-4577.yaml +++ b/http/cves/2024/CVE-2024-4577.yaml @@ -4,16 +4,17 @@ info: name: PHP CGI - Argument Injection author: Hüseyin TINTAŞ,sw0rk17,securityforeveryone,pdresearch severity: critical - reference: - - https://cloud.tencent.com/developer/article/2429455 description: | PHP CGI - Argument Injection (CVE-2024-4577) is a critical argument injection flaw in PHP. + reference: + - https://cloud.tencent.com/developer/article/2429455 impact: | Successful exploitation could lead to remote code execution on the affected system. remediation: | Apply the vendor-supplied patches or upgrade to a non-vulnerable version. metadata: verified: true + max-request: 4 tags: cve,cve2024,php,cgi,xampp,rce http: diff --git a/http/cves/2024/CVE-2024-4841.yaml b/http/cves/2024/CVE-2024-4841.yaml index 3101e82dfbe..72891eda304 100644 --- a/http/cves/2024/CVE-2024-4841.yaml +++ b/http/cves/2024/CVE-2024-4841.yaml @@ -6,11 +6,11 @@ info: severity: medium description: | A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'add_reference_to_local_mode' function due to the lack of input sanitization. This vulnerability affects versions v9.6 to the latest. - impact: | - By exploiting this vulnerability, an attacker can predict the folders, subfolders, and files present on the victim's computer. The vulnerability is present in the way the application handles the 'path' parameter in HTTP requests to the '/add_reference_to_local_model' endpoint. reference: - https://huntr.com/bounties/740dda3e-7104-4ccf-9ac4-8870e4d6d602 - https://nvd.nist.gov/vuln/detail/CVE-2024-4841 + impact: | + By exploiting this vulnerability, an attacker can predict the folders, subfolders, and files present on the victim's computer. The vulnerability is present in the way the application handles the 'path' parameter in HTTP requests to the '/add_reference_to_local_model' endpoint. classification: cvss-metrics: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 4 @@ -19,7 +19,7 @@ info: epss-score: 0.00043 epss-percentile: 0.09834 metadata: - max-request: 1 + max-request: 2 fofa-query: "LoLLMS WebUI - Welcome" tags: cve,cve2024,lollms-webui,traversal diff --git a/http/cves/2024/CVE-2024-5084.yaml b/http/cves/2024/CVE-2024-5084.yaml index 3be628087c1..b4147346dc1 100644 --- a/http/cves/2024/CVE-2024-5084.yaml +++ b/http/cves/2024/CVE-2024-5084.yaml @@ -6,11 +6,11 @@ info: severity: critical description: | The Hash Form Drag & Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'file_upload_action' function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. - remediation: Fixed in 1.1.1 reference: - https://nvd.nist.gov/vuln/detail/CVE-2024-5084 - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/hash-form/hash-form-drag-drop-form-builder-110-unauthenticated-arbitrary-file-upload-to-remote-code-execution - https://github.com/WOOOOONG/CVE-2024-5084/blob/main/CVE-2024-5084_exploit.py + remediation: Fixed in 1.1.1 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -18,12 +18,12 @@ info: epss-score: 0.00063 epss-percentile: 0.27036 metadata: - verified: true - max-request: 1 + max-request: 3 vendor: HashThemes - product: Hash Form + product: "Hash Form" framework: wordpress publicwww-query: "/wp-content/plugins/hash-form/" + verified: true tags: cve,cve2024,wp-plugin,wordpress,file-upload,rce,intrusive variables: diff --git a/http/cves/2024/CVE-2024-5315.yaml b/http/cves/2024/CVE-2024-5315.yaml index 612bd641b43..637f50cf304 100644 --- a/http/cves/2024/CVE-2024-5315.yaml +++ b/http/cves/2024/CVE-2024-5315.yaml @@ -6,25 +6,25 @@ info: severity: critical description: | Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. - impact: | - These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters viewstatut in /dolibarr/commande/list.php reference: - https://nvd.nist.gov/vuln/detail/CVE-2024-5315 - https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-dolibarrs-erp-cms + impact: | + These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters viewstatut in /dolibarr/commande/list.php classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2024-5315 cwe-id: CWE-89 + cpe: cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:* epss-score: 0.00043 epss-percentile: 0.09367 - cpe: cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 shodan-query: http.title:"Dolibarr" - product: dolibarr_erp\\/crm + product: "dolibarr_erp\\\\/crm" vendor: dolibarr + verified: true + max-request: 2 tags: cve,cve2024,dolibarr,erp,sqli,authenticated variables: diff --git a/http/cves/2024/CVE-2024-5947.yaml b/http/cves/2024/CVE-2024-5947.yaml index 3a71a168228..63d4fc2bc36 100644 --- a/http/cves/2024/CVE-2024-5947.yaml +++ b/http/cves/2024/CVE-2024-5947.yaml @@ -12,8 +12,8 @@ info: - https://www.zerodayinitiative.com/advisories/ZDI-24-671/ metadata: verified: "true" - max-request: 1 - vendor: Deep Sea Electronics + max-request: 2 + vendor: "Deep Sea Electronics" product: DSE855 fofa-query: "Deep Sea Electronics" tags: packetstorm,cve,cve2024,bypass,info-leak diff --git a/http/cves/2024/CVE-2024-5975.yaml b/http/cves/2024/CVE-2024-5975.yaml index 534f2c8c994..6ae9c608ccb 100644 --- a/http/cves/2024/CVE-2024-5975.yaml +++ b/http/cves/2024/CVE-2024-5975.yaml @@ -17,10 +17,11 @@ info: epss-score: 0.00043 epss-percentile: 0.09404 metadata: - vendor: team-contriverz - product: cz-loan-management framework: wordpress publicwww-query: "/wp-content/plugins/cz-loan-management" + max-request: 2 + vendor: "team-contriverz" + product: "cz-loan-management" tags: time-based-sqli,cve,cve2024,wpscan,wp-plugin,wordpress,wp,cz-loan-management flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-6289.yaml b/http/cves/2024/CVE-2024-6289.yaml index 4e440bdd9e2..b63bb4720dc 100644 --- a/http/cves/2024/CVE-2024-6289.yaml +++ b/http/cves/2024/CVE-2024-6289.yaml @@ -6,19 +6,19 @@ info: severity: medium description: | The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page. - remediation: Fixed in 1.9.16.4 reference: - https://wpscan.com/vulnerability/fd6d0362-df1d-4416-b8b5-6e5d0ce84793/ - https://nvd.nist.gov/vuln/detail/CVE-2024-6289 - https://www.sprocketsecurity.com/resources/discovering-wp-admin-urls-in-wordpress-with-gravityforms/ + remediation: Fixed in 1.9.16.4 classification: epss-score: 0.00043 epss-percentile: 0.09266 metadata: verified: true - max-request: 1 + max-request: 2 vendor: wpserveur - product: wps_hide_login + product: "wps_hide_login" framework: wordpress publicwww-query: "/wp-content/plugins/wps-hide-login/" tags: cve,cve2024,bypass,wp-plugin,wpscan,wordpress,wps-hide-login diff --git a/http/cves/2024/CVE-2024-6366.yaml b/http/cves/2024/CVE-2024-6366.yaml index f8464b37c7b..5056c6be766 100644 --- a/http/cves/2024/CVE-2024-6366.yaml +++ b/http/cves/2024/CVE-2024-6366.yaml @@ -16,9 +16,10 @@ info: epss-percentile: 0.09351 metadata: vendor: cozmoslabs - product: user-profile-builder + product: "user-profile-builder" framework: wordpress publicwww-query: "/wp-content/plugins/profile-builder" + max-request: 2 tags: cve,cve2024,wpscan,file-upload,instrusive,wp-plugin,wordpress,wp,profile-builder flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-6646.yaml b/http/cves/2024/CVE-2024-6646.yaml index 168b731f732..ee9a3813ce6 100644 --- a/http/cves/2024/CVE-2024-6646.yaml +++ b/http/cves/2024/CVE-2024-6646.yaml @@ -17,13 +17,14 @@ info: cvss-score: 5.3 cve-id: CVE-2024-6646 cwe-id: CWE-200 + cpe: cpe:2.3:h:netgear:wn604:*:*:*:*:*:*:*:* epss-score: 0.00045 epss-percentile: 0.16001 - cpe: cpe:2.3:h:netgear:wn604:*:*:*:*:*:*:*:* metadata: fofa-query: title=="Netgear" product: wn604 vendor: netgear + max-request: 1 tags: cve,cve2024,netgear http: diff --git a/http/cves/2024/CVE-2024-6670.yaml b/http/cves/2024/CVE-2024-6670.yaml index acf52c53272..d7b7922f9bd 100644 --- a/http/cves/2024/CVE-2024-6670.yaml +++ b/http/cves/2024/CVE-2024-6670.yaml @@ -15,14 +15,14 @@ info: cvss-score: 9.8 cve-id: CVE-2024-6670 cwe-id: CWE-89 + cpe: cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:* epss-score: 0.00043 epss-percentile: 0.09569 - cpe: cpe:2.3:a:progress:whatsup_gold:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 4 - shodan-query: title:"WhatsUp Gold" http.favicon.hash:-2107233094 - product: whatsup_gold + max-request: 5 + shodan-query: "title:\"WhatsUp Gold\" http.favicon.hash:-2107233094" + product: "whatsup_gold" vendor: progress tags: cve,cve2024,whatsup-gold,auth-bypass,sqli,intrusive diff --git a/http/cves/2024/CVE-2024-6746.yaml b/http/cves/2024/CVE-2024-6746.yaml index c44ae78ba3f..a9c6cace30c 100644 --- a/http/cves/2024/CVE-2024-6746.yaml +++ b/http/cves/2024/CVE-2024-6746.yaml @@ -23,6 +23,7 @@ info: metadata: vendor: naibowang product: easyspider + max-request: 2 tags: cve,cve2024,lfi,network flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-6781.yaml b/http/cves/2024/CVE-2024-6781.yaml index c6ee8e3dc26..b529d36bc51 100644 --- a/http/cves/2024/CVE-2024-6781.yaml +++ b/http/cves/2024/CVE-2024-6781.yaml @@ -11,8 +11,9 @@ info: classification: cpe: cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:* metadata: + max-request: 2 verified: true - vendor: calibre-ebook + vendor: "calibre-ebook" product: calibre shodan-query: html:"Calibre" fofa-query: "Server: calibre" diff --git a/http/cves/2024/CVE-2024-6782.yaml b/http/cves/2024/CVE-2024-6782.yaml index 181a6db915d..2eabc92f020 100644 --- a/http/cves/2024/CVE-2024-6782.yaml +++ b/http/cves/2024/CVE-2024-6782.yaml @@ -11,12 +11,13 @@ info: classification: cpe: cpe:2.3:a:calibre-ebook:calibre:*:*:*:*:*:*:*:* metadata: - verified: true - vendor: calibre-ebook - product: calibre shodan-query: html:"Calibre" fofa-query: "Server: calibre" max-requeset: 1 + max-request: 2 + verified: true + vendor: "calibre-ebook" + product: calibre tags: cve,cve2024,calibre,rce http: diff --git a/http/cves/2024/CVE-2024-6911.yaml b/http/cves/2024/CVE-2024-6911.yaml index 53851172fef..2ffef6d9161 100644 --- a/http/cves/2024/CVE-2024-6911.yaml +++ b/http/cves/2024/CVE-2024-6911.yaml @@ -16,11 +16,11 @@ info: cvss-score: 8.7 cve-id: CVE-2024-6911 cwe-id: CWE-552 + cpe: cpe:2.3:a:perkinelmer:processplus:1.11.6507:*:*:*:*:*:*:* epss-score: 0.00043 epss-percentile: 0.09524 - cpe: cpe:2.3:a:perkinelmer:processplus:1.11.6507:*:*:*:*:*:*:* metadata: - max-request: 1 + max-request: 2 vendor: perkinelmer product: processplus fofa-query: '"Process Plus" && icon_hash="1772087922"' diff --git a/http/cves/2024/CVE-2024-6924.yaml b/http/cves/2024/CVE-2024-6924.yaml index e964ac90275..dfb303c89b6 100644 --- a/http/cves/2024/CVE-2024-6924.yaml +++ b/http/cves/2024/CVE-2024-6924.yaml @@ -14,6 +14,7 @@ info: product: truebooker framework: wordpress publicwww-query: "/wp-content/plugins/truebooker-appointment-booking" + max-request: 2 tags: time-based-sqli,wpscan,cve,cve2024,sqli,wp,wp-plugin,wordpress,truebooker flow: http(1) && http(2) diff --git a/http/cves/2024/CVE-2024-7008.yaml b/http/cves/2024/CVE-2024-7008.yaml index 9d2e941294f..9f99f89d3ba 100644 --- a/http/cves/2024/CVE-2024-7008.yaml +++ b/http/cves/2024/CVE-2024-7008.yaml @@ -9,10 +9,11 @@ info: reference: - https://starlabs.sg/advisories/24/24-7008/ metadata: - verified: true shodan-query: html:"Calibre" fofa-query: "Server: calibre" max-requeset: 1 + max-request: 1 + verified: true tags: cve,cve2024,calibre,xss http: diff --git a/http/cves/2024/CVE-2024-7332.yaml b/http/cves/2024/CVE-2024-7332.yaml index d655309a165..d3b087b2bb2 100644 --- a/http/cves/2024/CVE-2024-7332.yaml +++ b/http/cves/2024/CVE-2024-7332.yaml @@ -16,13 +16,13 @@ info: cvss-score: 9.8 cve-id: CVE-2024-7332 cwe-id: CWE-259 + cpe: cpe:2.3:a:totolink:cp450:4.1.0cu.747_b20191224:*:*:*:*:*:*:* epss-score: 0.00045 epss-percentile: 0.16226 - cpe: cpe:2.3:a:totolink:cp450:4.1.0cu.747_b20191224:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: totolink - product: cp450_firmware + product: "cp450_firmware" fofa-query: title="totolink" tags: cve,cve2024,totolink diff --git a/http/cves/2024/CVE-2024-8698.yaml b/http/cves/2024/CVE-2024-8698.yaml index 39872cfd338..3899d6159a2 100644 --- a/http/cves/2024/CVE-2024-8698.yaml +++ b/http/cves/2024/CVE-2024-8698.yaml @@ -20,13 +20,13 @@ info: epss-score: 0.00125 epss-percentile: 0.47937 metadata: - verified: true - max-request: 1 + max-request: 2 vendor: redhat product: keycloak shodan-query: http.favicon.hash:"-1105083093" - fofa-query: icon_hash=-1105083093 + fofa-query: "icon_hash=-1105083093" google-query: intitle:"keycloak" + verified: true tags: cve,cve2024,keycloak,saml,signature variables: diff --git a/http/cves/2024/CVE-2024-8883.yaml b/http/cves/2024/CVE-2024-8883.yaml index fa7d12ef9e6..e9f2f14a70d 100644 --- a/http/cves/2024/CVE-2024-8883.yaml +++ b/http/cves/2024/CVE-2024-8883.yaml @@ -15,7 +15,7 @@ info: cve-id: CVE-2024-8883 cwe-id: CWE-601 metadata: - max-request: 1 + max-request: 36 verified: true shodan-query: title:"keycloak" tags: cve,cve2024,keycloak,redirect diff --git a/http/default-logins/apache/apache-apollo-default-login.yaml b/http/default-logins/apache/apache-apollo-default-login.yaml index 2c4c91643a1..d86c5a1c225 100644 --- a/http/default-logins/apache/apache-apollo-default-login.yaml +++ b/http/default-logins/apache/apache-apollo-default-login.yaml @@ -8,9 +8,9 @@ info: cpe: cpe:2.3:a:apache:activemq_apollo:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: apache - product: activemq_apollo + product: "activemq_apollo" shodan-query: title:"Apache Apollo" tags: apache,apollo,default-login,misconfig variables: diff --git a/http/default-logins/apache/apache-hertzbeat-default-login.yaml b/http/default-logins/apache/apache-hertzbeat-default-login.yaml index e15f66232ac..4c2080b4479 100644 --- a/http/default-logins/apache/apache-hertzbeat-default-login.yaml +++ b/http/default-logins/apache/apache-hertzbeat-default-login.yaml @@ -8,6 +8,8 @@ info: Apache HertzBeat enables default admin credentials. An attacker can execute unauthorized operations. reference: - https://github.com/apache/hertzbeat + metadata: + max-request: 1 tags: apache,hertzbeat,default-login variables: diff --git a/http/default-logins/camaleon/camaleon-default-login.yaml b/http/default-logins/camaleon/camaleon-default-login.yaml index 1d35d94bcb6..9fbcb718c4e 100644 --- a/http/default-logins/camaleon/camaleon-default-login.yaml +++ b/http/default-logins/camaleon/camaleon-default-login.yaml @@ -7,8 +7,9 @@ info: description: | Camaleon CMS default login credentials was discovered. metadata: + max-request: 2 vendor: tuzitio - product: camaleon_cms + product: "camaleon_cms" shodan-query: html:"camaleon_cms" tags: camaleon,default-login diff --git a/http/default-logins/jellyfin/jellyfin-default-login.yaml b/http/default-logins/jellyfin/jellyfin-default-login.yaml index 04afbf0f0eb..bf418f15b05 100644 --- a/http/default-logins/jellyfin/jellyfin-default-login.yaml +++ b/http/default-logins/jellyfin/jellyfin-default-login.yaml @@ -15,6 +15,7 @@ info: fofa-query: title="Jellyfin" product: jellyfin vendor: jellyfin + max-request: 12 tags: default-login,jellyfin,misconfig http: diff --git a/http/default-logins/mantisbt/mantisbt-default-credential.yaml b/http/default-logins/mantisbt/mantisbt-default-credential.yaml index 9b8301f04f6..3a5d89b03fc 100644 --- a/http/default-logins/mantisbt/mantisbt-default-credential.yaml +++ b/http/default-logins/mantisbt/mantisbt-default-credential.yaml @@ -13,10 +13,10 @@ info: cwe-id: CWE-522 cpe: cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:* metadata: - max-request: 1 - shodan-query: title:"MantisBT" product: mantisbt vendor: mantisbt + max-request: 4 + shodan-query: title:"MantisBT" tags: mantisbt,default-login http: diff --git a/http/default-logins/sato/sato-default-login.yaml b/http/default-logins/sato/sato-default-login.yaml index a71b51c23e8..4189d10bcd7 100644 --- a/http/default-logins/sato/sato-default-login.yaml +++ b/http/default-logins/sato/sato-default-login.yaml @@ -8,7 +8,7 @@ info: Sato using default credentials was discovered. metadata: verified: true - max-request: 1 + max-request: 2 shodan-query: title:"Sato" tags: sato,default-login,printer diff --git a/http/default-logins/zebra/zebra-printer-default-login.yaml b/http/default-logins/zebra/zebra-printer-default-login.yaml index c2d89d2b8dc..646c711f858 100644 --- a/http/default-logins/zebra/zebra-printer-default-login.yaml +++ b/http/default-logins/zebra/zebra-printer-default-login.yaml @@ -8,7 +8,7 @@ info: Zebra default login credentials was discovered. metadata: verified: true - max-request: 4 + max-request: 2 shodan-query: title:"Zebra" tags: zebra,default-login,misconfig,printer diff --git a/http/exposed-panels/activemq-panel.yaml b/http/exposed-panels/activemq-panel.yaml index 5be6fae0e9e..1b8d9ce5495 100644 --- a/http/exposed-panels/activemq-panel.yaml +++ b/http/exposed-panels/activemq-panel.yaml @@ -12,13 +12,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* metadata: - max-request: 1 - vendor: apache product: activemq - shodan-query: - - cpe:"cpe:2.3:a:apache:activemq" - - product:"activemq openwire transport" - - http.title:"Apache ActiveMQ" + shodan-query: '[cpe:"cpe:2.3:a:apache:activemq" product:"activemq openwire transport" http.title:"Apache ActiveMQ"]' + max-request: 3 + vendor: apache tags: panel,activemq,apache,login http: diff --git a/http/exposed-panels/adminer-panel-detect.yaml b/http/exposed-panels/adminer-panel-detect.yaml index 6e5218b50de..a64db297833 100644 --- a/http/exposed-panels/adminer-panel-detect.yaml +++ b/http/exposed-panels/adminer-panel-detect.yaml @@ -12,15 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:* metadata: - max-request: 741 + max-request: 777 vendor: adminer product: adminer - shodan-query: - - cpe:"cpe:2.3:a:adminer:adminer" - - http.title:"login - adminer" - fofa-query: - - title="login - adminer" - - app="adminer" && body="4.7.8" + shodan-query: '[cpe:"cpe:2.3:a:adminer:adminer" http.title:"login - adminer"]' + fofa-query: '[title="login - adminer" app="adminer" && body="4.7.8"]' hunter-query: app.name="adminer"&&web.body="4.7.8" google-query: intitle:"login - adminer" tags: panel,fuzz,adminer,login,sqli diff --git a/http/exposed-panels/adminer-panel.yaml b/http/exposed-panels/adminer-panel.yaml index 6e855b2dd31..1ced27bdd0f 100644 --- a/http/exposed-panels/adminer-panel.yaml +++ b/http/exposed-panels/adminer-panel.yaml @@ -11,19 +11,14 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:adminer:adminer:*:*:*:*:*:*:*:* metadata: + fofa-query: '[title="login - adminer" app="adminer" && body="4.7.8"]' + hunter-query: app.name="adminer"&&web.body="4.7.8" + google-query: intitle:"login - adminer" verified: true - max-request: 8 + max-request: 9 vendor: adminer product: adminer - shodan-query: - - title:"Login - Adminer" - - cpe:"cpe:2.3:a:adminer:adminer" - - http.title:"login - adminer" - fofa-query: - - title="login - adminer" - - app="adminer" && body="4.7.8" - hunter-query: app.name="adminer"&&web.body="4.7.8" - google-query: intitle:"login - adminer" + shodan-query: '[title:"Login - Adminer" cpe:"cpe:2.3:a:adminer:adminer" http.title:"login - adminer"]' tags: panel,adminer http: diff --git a/http/exposed-panels/authentik-panel.yaml b/http/exposed-panels/authentik-panel.yaml index 903bceaca7c..9dca456f75c 100644 --- a/http/exposed-panels/authentik-panel.yaml +++ b/http/exposed-panels/authentik-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://github.com/searxng/searxng metadata: - max-request: 1 + max-request: 2 verified: true - shodan-query: http.favicon.hash:-178113786 + shodan-query: "http.favicon.hash:-178113786" tags: authentik,sso,mfa,panel,detect http: diff --git a/http/exposed-panels/axway-api-manager-panel.yaml b/http/exposed-panels/axway-api-manager-panel.yaml index 8ce2046f10c..1ec804de1e7 100644 --- a/http/exposed-panels/axway-api-manager-panel.yaml +++ b/http/exposed-panels/axway-api-manager-panel.yaml @@ -11,7 +11,7 @@ info: - https://www.postman.com/api-evangelist/axway/api/ce2ac156-4353-46b9-b148-944ab7721ed6 metadata: verified: true - max-request: 1 + max-request: 2 shodan-query: http.title:"Axway API Manager Login" tags: panel,axway,detect,login diff --git a/http/exposed-panels/camaleon-panel.yaml b/http/exposed-panels/camaleon-panel.yaml index 511e12fff09..b6f80752f99 100644 --- a/http/exposed-panels/camaleon-panel.yaml +++ b/http/exposed-panels/camaleon-panel.yaml @@ -8,8 +8,9 @@ info: Camaleon CMS admin login panel was discovered. metadata: vendor: tuzitio - product: camaleon_cms + product: "camaleon_cms" shodan-query: html:"camaleon_cms" + max-request: 1 tags: camaleon,panel,login http: diff --git a/http/exposed-panels/canon/canon-iradv-c3325.yaml b/http/exposed-panels/canon/canon-iradv-c3325.yaml index e70f62640a6..c362dcaec85 100644 --- a/http/exposed-panels/canon/canon-iradv-c3325.yaml +++ b/http/exposed-panels/canon/canon-iradv-c3325.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: verified: true - max-request: 2 + max-request: 1 shodan-query: title:"c3325" tags: canon,c3325,panel,login,detect diff --git a/http/exposed-panels/checkmk/checkmk-login.yaml b/http/exposed-panels/checkmk/checkmk-login.yaml index ec2dfdbeffc..f26cc90c9ee 100644 --- a/http/exposed-panels/checkmk/checkmk-login.yaml +++ b/http/exposed-panels/checkmk/checkmk-login.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:* metadata: - max-request: 5 vendor: checkmk product: checkmk verified: true shodan-query: http.title:"Check_MK" + max-request: 1 tags: panel,checkmk,detect,login http: diff --git a/http/exposed-panels/django-admin-panel.yaml b/http/exposed-panels/django-admin-panel.yaml index 38726f11a0f..89024968463 100644 --- a/http/exposed-panels/django-admin-panel.yaml +++ b/http/exposed-panels/django-admin-panel.yaml @@ -10,7 +10,7 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 1 vendor: djangoproject product: django shodan-query: cpe:"cpe:2.3:a:djangoproject:django" || http.title:"Django administration" diff --git a/http/exposed-panels/filegator-panel.yaml b/http/exposed-panels/filegator-panel.yaml index e4d33d75510..2a0c0395bb1 100644 --- a/http/exposed-panels/filegator-panel.yaml +++ b/http/exposed-panels/filegator-panel.yaml @@ -8,7 +8,7 @@ info: - https://serverpilot.io/docs/how-to-install-a-file-manager-on-your-server/#:~:text=You%20should%20see%20the%20FileGator,Password%3A%20admin123 metadata: verified: true - max-request: 2 + max-request: 1 shodan-query: title:"FileGator" tags: filegator,panel,login,detect diff --git a/http/exposed-panels/ibm/ibm-api-connect-panel.yaml b/http/exposed-panels/ibm/ibm-api-connect-panel.yaml index 6ca736951ec..b89e5e13d37 100644 --- a/http/exposed-panels/ibm/ibm-api-connect-panel.yaml +++ b/http/exposed-panels/ibm/ibm-api-connect-panel.yaml @@ -8,7 +8,7 @@ info: reference: - https://www.ibm.com/products/api-connect/developer-portal metadata: - max-request: 1 + max-request: 2 tags: panel,ibm,api,detect,login http: diff --git a/http/exposed-panels/ibm/ibm-note-login.yaml b/http/exposed-panels/ibm/ibm-note-login.yaml index 151db4b6d95..c0b66812a6e 100644 --- a/http/exposed-panels/ibm/ibm-note-login.yaml +++ b/http/exposed-panels/ibm/ibm-note-login.yaml @@ -12,10 +12,10 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:ibm:inotes:*:*:*:*:*:*:*:* metadata: - max-request: 2 vendor: ibm shodan-query: http.title:"IBM iNotes Login" product: inotes + max-request: 3 tags: ibm,edb,panel,login,detect http: diff --git a/http/exposed-panels/jboss/jboss-soa-platform.yaml b/http/exposed-panels/jboss/jboss-soa-platform.yaml index b5d79298ec3..8f38dd572a5 100644 --- a/http/exposed-panels/jboss/jboss-soa-platform.yaml +++ b/http/exposed-panels/jboss/jboss-soa-platform.yaml @@ -10,15 +10,13 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:redhat:jboss_soa_platform:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 vendor: redhat - product: jboss_soa_platform - shodan-query: - - http.title:"Welcome to the JBoss SOA Platform" - - http.title:"welcome to the jboss soa platform" + product: "jboss_soa_platform" + shodan-query: '[http.title:"Welcome to the JBoss SOA Platform" http.title:"welcome to the jboss soa platform"]' fofa-query: title="welcome to the jboss soa platform" google-query: intitle:"welcome to the jboss soa platform" + verified: true + max-request: 2 tags: panel,jboss,soa,redhat,detect http: diff --git a/http/exposed-panels/malwared-byob.yaml b/http/exposed-panels/malwared-byob.yaml index 37d83ef04f5..bf108eea057 100644 --- a/http/exposed-panels/malwared-byob.yaml +++ b/http/exposed-panels/malwared-byob.yaml @@ -9,8 +9,9 @@ info: reference: - https://github.com/malwaredllc/byob metadata: - shodan-query: http.favicon.hash:487145192 + shodan-query: "http.favicon.hash:487145192" fofa-query: icon_hash="487145192" + max-request: 1 tags: panel,malware,byob,botnet,oss,detect http: diff --git a/http/exposed-panels/open-stack-dashboard-login.yaml b/http/exposed-panels/open-stack-dashboard-login.yaml index 24189796cfc..f382405b499 100644 --- a/http/exposed-panels/open-stack-dashboard-login.yaml +++ b/http/exposed-panels/open-stack-dashboard-login.yaml @@ -12,7 +12,7 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:openstack:horizon:*:*:*:*:*:*:*:* metadata: - max-request: 2 + max-request: 3 vendor: openstack product: horizon tags: panel,openstack,edb diff --git a/http/exposed-panels/oracle-application-server-panel.yaml b/http/exposed-panels/oracle-application-server-panel.yaml index 9e119a54453..1e8793eee77 100644 --- a/http/exposed-panels/oracle-application-server-panel.yaml +++ b/http/exposed-panels/oracle-application-server-panel.yaml @@ -10,7 +10,7 @@ info: - https://www.oracle.com/middleware/technologies/internet-application-server.html metadata: verified: true - max-request: 1 + max-request: 2 shodan-query: http.title:"Oracle Containers for J2EE" tags: panel,oracle,containers,login,detect diff --git a/http/exposed-panels/phpmyadmin-panel.yaml b/http/exposed-panels/phpmyadmin-panel.yaml index 302281e28bb..019c616a28e 100644 --- a/http/exposed-panels/phpmyadmin-panel.yaml +++ b/http/exposed-panels/phpmyadmin-panel.yaml @@ -10,19 +10,13 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: - max-request: 14 + hunter-query: app.name="phpmyadmin"&&web.body="pma_servername"&&web.body="4.8.4" + max-request: 15 vendor: phpmyadmin product: phpmyadmin - shodan-query: - - "http.title:phpMyAdmin" - - http.title:"phpmyadmin" - - http.component:"phpmyadmin" - - cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin" - fofa-query: - - body="pma_servername" && body="4.8.4" - - title="phpmyadmin" + shodan-query: '[http.title:phpMyAdmin http.title:"phpmyadmin" http.component:"phpmyadmin" cpe:"cpe:2.3:a:phpmyadmin:phpmyadmin"]' + fofa-query: '[body="pma_servername" && body="4.8.4" title="phpmyadmin"]' google-query: intitle:"phpmyadmin" - hunter-query: app.name="phpmyadmin"&&web.body="pma_servername"&&web.body="4.8.4" tags: panel,phpmyadmin http: diff --git a/http/exposed-panels/procore-panel.yaml b/http/exposed-panels/procore-panel.yaml index bb712bcc8fa..53b9594e2ee 100644 --- a/http/exposed-panels/procore-panel.yaml +++ b/http/exposed-panels/procore-panel.yaml @@ -1,15 +1,14 @@ id: procore-panel -info: - name: Procore Login - Panel - author: rxerium - severity: info - metadata: - max-request: 2 - verified: true - shodan-query: http.favicon.hash:1952289652 - tags: panel,login,detect,procore - +info: + name: Procore Login - Panel + author: rxerium + severity: info + metadata: + max-request: 3 + verified: true + shodan-query: "http.favicon.hash:1952289652" + tags: panel,login,detect,procore http: - method: GET path: diff --git a/http/exposed-panels/riello-netman204-panel.yaml b/http/exposed-panels/riello-netman204-panel.yaml index 3346be885be..8b13a2cfb59 100644 --- a/http/exposed-panels/riello-netman204-panel.yaml +++ b/http/exposed-panels/riello-netman204-panel.yaml @@ -9,12 +9,13 @@ info: reference: - https://www.riello-ups.com metadata: - vendor: riello-ups - product: netman_204_firmware + vendor: "riello-ups" + product: "netman_204_firmware" shodan-query: title:"netman 204" fofa-query: title="netman 204" censys-query: services.http.response.body:"netman204" google-query: intitle:"netman 204" + max-request: 1 tags: netman,panel,detect,login http: diff --git a/http/exposed-panels/tomcat/tomcat-exposed.yaml b/http/exposed-panels/tomcat/tomcat-exposed.yaml index f024ff2197b..ed8ebcc12bd 100644 --- a/http/exposed-panels/tomcat/tomcat-exposed.yaml +++ b/http/exposed-panels/tomcat/tomcat-exposed.yaml @@ -8,19 +8,13 @@ info: classification: cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: - max-request: 1 + shodan-query: '[title:"Apache Tomcat" http.title:"apache tomcat" http.html:"apache tomcat" cpe:"cpe:2.3:a:apache:tomcat"]' + fofa-query: '[body="apache tomcat" title="apache tomcat"]' + google-query: intitle:"apache tomcat" + max-request: 5 verified: true vendor: apache product: tomcat - shodan-query: - - title:"Apache Tomcat" - - http.title:"apache tomcat" - - http.html:"apache tomcat" - - cpe:"cpe:2.3:a:apache:tomcat" - fofa-query: - - body="apache tomcat" - - title="apache tomcat" - google-query: intitle:"apache tomcat" tags: tomcat,panel,apache,detect http: diff --git a/http/exposed-panels/tplink/tplink-r470t-panel.yaml b/http/exposed-panels/tplink/tplink-r470t-panel.yaml index 5dba8324728..0bf99e45b0e 100644 --- a/http/exposed-panels/tplink/tplink-r470t-panel.yaml +++ b/http/exposed-panels/tplink/tplink-r470t-panel.yaml @@ -5,9 +5,9 @@ info: author: ritikchaddha severity: info metadata: + shodan-query: r470t verified: true - max-request: 2 - shodan-query: "r470t" + max-request: 1 tags: tplink,r470t,panel,login,detect http: diff --git a/http/exposed-panels/umbraco-login.yaml b/http/exposed-panels/umbraco-login.yaml index a79f9077f36..c8ee8b60534 100644 --- a/http/exposed-panels/umbraco-login.yaml +++ b/http/exposed-panels/umbraco-login.yaml @@ -12,15 +12,13 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:* metadata: + google-query: intitle:"umbraco" verified: true - max-request: 1 + max-request: 2 vendor: umbraco - product: umbraco_cms - shodan-query: - - http.title:"Umbraco" - - http.title:"umbraco" + product: "umbraco_cms" + shodan-query: '[http.title:"Umbraco" http.title:"umbraco"]' fofa-query: title="umbraco" - google-query: intitle:"umbraco" tags: panel,umbraco,detect http: diff --git a/http/exposures/apis/swagger-api.yaml b/http/exposures/apis/swagger-api.yaml index bbf908634a0..0eeab64e00f 100644 --- a/http/exposures/apis/swagger-api.yaml +++ b/http/exposures/apis/swagger-api.yaml @@ -11,8 +11,8 @@ info: cwe-id: CWE-200 metadata: verified: true - max-request: 59 - shodan-query: "http.title:\"swagger\"" + max-request: 60 + shodan-query: http.title:"swagger" tags: exposure,api,swagger http: diff --git a/http/exposures/backups/php-backup-files.yaml b/http/exposures/backups/php-backup-files.yaml index 3ea617fc8d5..6c7a8e12999 100644 --- a/http/exposures/backups/php-backup-files.yaml +++ b/http/exposures/backups/php-backup-files.yaml @@ -6,7 +6,7 @@ info: severity: medium description: PHP Source File is disclosed to external users. metadata: - max-request: 1512 + max-request: 1568 tags: exposure,backup,php,disclosure,fuzz http: diff --git a/http/exposures/backups/sql-server-dump.yaml b/http/exposures/backups/sql-server-dump.yaml index 5f89c7d571c..350eb04b97f 100644 --- a/http/exposures/backups/sql-server-dump.yaml +++ b/http/exposures/backups/sql-server-dump.yaml @@ -1,19 +1,18 @@ id: sql-server-dump -info: - name: SQL Server - Dump Files - author: userdehghani - severity: medium - description: | - A SQL Server dump file was found - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cwe-id: CWE-200 - metadata: - max-request: 21 - tags: exposure,backup,sql-server - +info: + name: SQL Server - Dump Files + author: userdehghani + severity: medium + description: | + A SQL Server dump file was found + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 + metadata: + max-request: 22 + tags: exposure,backup,sql-server http: - method: GET path: diff --git a/http/exposures/configs/phpinfo-files.yaml b/http/exposures/configs/phpinfo-files.yaml index e09ff94ac8a..03fc3cff03b 100644 --- a/http/exposures/configs/phpinfo-files.yaml +++ b/http/exposures/configs/phpinfo-files.yaml @@ -10,7 +10,7 @@ info: classification: cwe-id: CWE-200 metadata: - max-request: 25 + max-request: 27 tags: config,exposure,phpinfo http: diff --git a/http/exposures/configs/symfony-profiler.yaml b/http/exposures/configs/symfony-profiler.yaml index e3d82c8ce57..8d7a6ca909b 100644 --- a/http/exposures/configs/symfony-profiler.yaml +++ b/http/exposures/configs/symfony-profiler.yaml @@ -12,11 +12,11 @@ info: cwe-id: CWE-200 cpe: cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:* metadata: + vendor: sensiolabs verified: true - max-request: 2 + max-request: 19 shodan-query: http.html:"symfony Profiler" product: symfony - vendor: sensiolabs tags: config,exposure,symfony http: diff --git a/http/exposures/files/adcs-certificate.yaml b/http/exposures/files/adcs-certificate.yaml index 9f9958360ac..53162e676b5 100644 --- a/http/exposures/files/adcs-certificate.yaml +++ b/http/exposures/files/adcs-certificate.yaml @@ -7,8 +7,9 @@ info: description: | Web Enrollment is a service that can be installed on an AD CS server to allow users and computers in an Active Directory domain to request a certificate through an interactive web page. metadata: - verified: true shodan-query: html:"/certenroll" + max-request: 2 + verified: true tags: ad,adcs,exposure,files http: diff --git a/http/exposures/files/gitlab-ci-yml.yaml b/http/exposures/files/gitlab-ci-yml.yaml index 337fe526bc8..7019eba4f04 100644 --- a/http/exposures/files/gitlab-ci-yml.yaml +++ b/http/exposures/files/gitlab-ci-yml.yaml @@ -6,18 +6,18 @@ info: severity: medium description: | The gitlab-ci.yml file, used for configuring CI/CD pipelines in GitLab, has been found exposed. This file contains crucial details about the build, test, and deployment processes, and may include sensitive information such as API keys, tokens, environment variables, and other credentials. - impact: | - Unauthorized access to this file can lead to severe security risks and operational disruptions. reference: - https://x.com/RootMoksha/status/1816571625388818923/photo/1 + impact: | + Unauthorized access to this file can lead to severe security risks and operational disruptions. classification: cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 2 vendor: gitlab product: gitlab shodan-query: html:"gitlab-ci.yml" + verified: true + max-request: 3 tags: exposure,config,cicd,gitlab http: diff --git a/http/exposures/tokens/jwk-json-leak.yaml b/http/exposures/tokens/jwk-json-leak.yaml index e9154bb1767..4d51e5b3185 100644 --- a/http/exposures/tokens/jwk-json-leak.yaml +++ b/http/exposures/tokens/jwk-json-leak.yaml @@ -12,8 +12,8 @@ info: cpe: cpe:2.3:a:jwt_project:jwt:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 - vendor: jwt_project + max-request: 6 + vendor: "jwt_project" product: jwt shodan-query: html:"jwks.json" tags: exposure,token,generic diff --git a/http/fuzzing/cache-poisoning-fuzz.yaml b/http/fuzzing/cache-poisoning-fuzz.yaml index 2d5d7c063ea..d076d5bfa85 100644 --- a/http/fuzzing/cache-poisoning-fuzz.yaml +++ b/http/fuzzing/cache-poisoning-fuzz.yaml @@ -8,7 +8,7 @@ info: - https://youst.in/posts/cache-poisoning-at-scale/ - https://portswigger.net/web-security/web-cache-poisoning metadata: - max-request: 5834 + max-request: 5838 tags: fuzz,cache,fuzzing http: diff --git a/http/fuzzing/wordpress-plugins-detect.yaml b/http/fuzzing/wordpress-plugins-detect.yaml index 59b113185f6..8c438e8f3ea 100644 --- a/http/fuzzing/wordpress-plugins-detect.yaml +++ b/http/fuzzing/wordpress-plugins-detect.yaml @@ -5,7 +5,7 @@ info: author: 0xcrypto severity: info metadata: - max-request: 100563 + max-request: 100561 tags: fuzz,wordpress,fuzzing http: diff --git a/http/fuzzing/xff-403-bypass.yaml b/http/fuzzing/xff-403-bypass.yaml index d1df9074fcd..c860198f7ab 100644 --- a/http/fuzzing/xff-403-bypass.yaml +++ b/http/fuzzing/xff-403-bypass.yaml @@ -6,7 +6,7 @@ info: severity: info description: Template to detect 403 forbidden endpoint bypass behind Nginx/Apache proxy & load balancers, based on X-Forwarded-For header. metadata: - max-request: 3 + max-request: 2 tags: fuzzing,xff-403-bypass http: diff --git a/http/misconfiguration/directory-listing-no-host-header.yaml b/http/misconfiguration/directory-listing-no-host-header.yaml index 1a0a413cbda..29fed1daf2f 100644 --- a/http/misconfiguration/directory-listing-no-host-header.yaml +++ b/http/misconfiguration/directory-listing-no-host-header.yaml @@ -8,7 +8,7 @@ info: The HTTP server is configured to list files in the root directory when no Host header is provided. metadata: verified: true - max-request: 1 + max-request: 2 tags: misconfig,listing flow: http(1) && http(2) diff --git a/http/misconfiguration/installer/projectsend-installer.yaml b/http/misconfiguration/installer/projectsend-installer.yaml index 9e02ec7e381..8a325a0b4d8 100644 --- a/http/misconfiguration/installer/projectsend-installer.yaml +++ b/http/misconfiguration/installer/projectsend-installer.yaml @@ -11,11 +11,11 @@ info: classification: cpe: cpe:2.3:a:projectsend:projectsend:*:*:*:*:*:*:*:* metadata: + shodan-query: html:"ProjectSend setup" verified: true - max-request: 1 + max-request: 2 vendor: projectsend product: projectsend - shodan-query: html:"ProjectSend setup" tags: misconfig,install,exposure,projectsend http: diff --git a/http/misconfiguration/installer/umbraco-installer.yaml b/http/misconfiguration/installer/umbraco-installer.yaml index a62763ab7c3..3ec4477fdb7 100644 --- a/http/misconfiguration/installer/umbraco-installer.yaml +++ b/http/misconfiguration/installer/umbraco-installer.yaml @@ -8,11 +8,11 @@ info: classification: cpe: cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:* metadata: - verified: true - max-request: 1 vendor: umbraco - product: umbraco_cms + product: "umbraco_cms" shodan-query: title:"Install Umbraco" + verified: true + max-request: 2 tags: misconfig,umbraco,install,oss http: diff --git a/http/misconfiguration/jaeger-ui-dashboard.yaml b/http/misconfiguration/jaeger-ui-dashboard.yaml index ceb95c9e60a..4c8b6946dd4 100644 --- a/http/misconfiguration/jaeger-ui-dashboard.yaml +++ b/http/misconfiguration/jaeger-ui-dashboard.yaml @@ -11,9 +11,9 @@ info: cpe: cpe:2.3:a:jaegertracing:jaeger_ui:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: jaegertracing - product: jaeger_ui + product: "jaeger_ui" shodan-query: http.title:"Jaeger UI" tags: misconfig diff --git a/http/misconfiguration/laravel-debug-error.yaml b/http/misconfiguration/laravel-debug-error.yaml index 69c3265865d..da70cc02b87 100644 --- a/http/misconfiguration/laravel-debug-error.yaml +++ b/http/misconfiguration/laravel-debug-error.yaml @@ -6,7 +6,7 @@ info: severity: medium description: Larvel Debug method is enabled. metadata: - max-request: 1 + max-request: 3 tags: debug,laravel,misconfig http: diff --git a/http/misconfiguration/nginx/nginx-api-traversal.yaml b/http/misconfiguration/nginx/nginx-api-traversal.yaml index 8db35b5dd6e..5da0a8be5d4 100644 --- a/http/misconfiguration/nginx/nginx-api-traversal.yaml +++ b/http/misconfiguration/nginx/nginx-api-traversal.yaml @@ -11,6 +11,7 @@ info: - https://x.com/akshaysharma71/status/1825815869953552844 metadata: verified: true + max-request: 65 tags: nginx,fuzz,misconfig,lfi http: diff --git a/http/technologies/apache/apache-cloudstack-detect.yaml b/http/technologies/apache/apache-cloudstack-detect.yaml index 6534304ac5d..910bd29023c 100644 --- a/http/technologies/apache/apache-cloudstack-detect.yaml +++ b/http/technologies/apache/apache-cloudstack-detect.yaml @@ -11,6 +11,7 @@ info: vendor: apache product: cloudstack shodan-query: http.title:"Apache CloudStack" + max-request: 1 tags: tech,apache,cloudstack http: diff --git a/http/technologies/domibus-detect.yaml b/http/technologies/domibus-detect.yaml index e52d4b8a673..370df1d6c2d 100644 --- a/http/technologies/domibus-detect.yaml +++ b/http/technologies/domibus-detect.yaml @@ -1,19 +1,18 @@ id: domibus-detect -info: - name: Domibus - Detect - author: righettod - severity: info - description: | - Domibus was detected. - reference: - - https://ec.europa.eu/digital-building-blocks/sites/display/DIGITAL/Domibus - metadata: - verified: true - max-request: 1 - shodan-query: http.title:"Domibus" - tags: tech,domibus,detect - +info: + name: Domibus - Detect + author: righettod + severity: info + description: | + Domibus was detected. + reference: + - https://ec.europa.eu/digital-building-blocks/sites/display/DIGITAL/Domibus + metadata: + max-request: 2 + shodan-query: http.title:"Domibus" + verified: true + tags: tech,domibus,detect http: - method: GET path: diff --git a/http/technologies/kubernetes/kubelet/kubelet-metrics.yaml b/http/technologies/kubernetes/kubelet/kubelet-metrics.yaml index b21ff7ef02c..9fc8f323685 100644 --- a/http/technologies/kubernetes/kubelet/kubelet-metrics.yaml +++ b/http/technologies/kubernetes/kubelet/kubelet-metrics.yaml @@ -10,7 +10,7 @@ info: - https://github.com/kubernetes-sigs/metrics-server metadata: verified: true - max-request: 1 + max-request: 2 shodan-query: http.title:"Kube Metrics Server" tags: tech,k8s,kubernetes,devops,kubelet diff --git a/http/technologies/wordpress/plugins/ad-inserter.yaml b/http/technologies/wordpress/plugins/ad-inserter.yaml index 98be0924742..8c63d3ddc28 100644 --- a/http/technologies/wordpress/plugins/ad-inserter.yaml +++ b/http/technologies/wordpress/plugins/ad-inserter.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/ad-inserter/ metadata: - plugin_namespace: ad-inserter - wpscan: https://wpscan.com/plugin/ad-inserter + plugin_namespace: "ad-inserter" + wpscan: "https://wpscan.com/plugin/ad-inserter" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/add-to-any.yaml b/http/technologies/wordpress/plugins/add-to-any.yaml index 728b6ce2c28..2f662068dbb 100644 --- a/http/technologies/wordpress/plugins/add-to-any.yaml +++ b/http/technologies/wordpress/plugins/add-to-any.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/add-to-any/ metadata: - plugin_namespace: add-to-any - wpscan: https://wpscan.com/plugin/add-to-any + plugin_namespace: "add-to-any" + wpscan: "https://wpscan.com/plugin/add-to-any" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/admin-menu-editor.yaml b/http/technologies/wordpress/plugins/admin-menu-editor.yaml index 62a42bc79c9..fdf53bc9858 100644 --- a/http/technologies/wordpress/plugins/admin-menu-editor.yaml +++ b/http/technologies/wordpress/plugins/admin-menu-editor.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/admin-menu-editor/ metadata: - plugin_namespace: admin-menu-editor - wpscan: https://wpscan.com/plugin/admin-menu-editor + max-request: 1 + plugin_namespace: "admin-menu-editor" + wpscan: "https://wpscan.com/plugin/admin-menu-editor" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/advanced-custom-fields.yaml b/http/technologies/wordpress/plugins/advanced-custom-fields.yaml index 20813e0e762..31452ee8343 100644 --- a/http/technologies/wordpress/plugins/advanced-custom-fields.yaml +++ b/http/technologies/wordpress/plugins/advanced-custom-fields.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/advanced-custom-fields/ metadata: - plugin_namespace: advanced-custom-fields - wpscan: https://wpscan.com/plugin/advanced-custom-fields + plugin_namespace: "advanced-custom-fields" + wpscan: "https://wpscan.com/plugin/advanced-custom-fields" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/akismet.yaml b/http/technologies/wordpress/plugins/akismet.yaml index c916c8d5c12..686738c03d9 100644 --- a/http/technologies/wordpress/plugins/akismet.yaml +++ b/http/technologies/wordpress/plugins/akismet.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/akismet/ metadata: plugin_namespace: akismet - wpscan: https://wpscan.com/plugin/akismet + wpscan: "https://wpscan.com/plugin/akismet" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/all-in-one-seo-pack.yaml b/http/technologies/wordpress/plugins/all-in-one-seo-pack.yaml index 330ea92da21..559df26a75e 100644 --- a/http/technologies/wordpress/plugins/all-in-one-seo-pack.yaml +++ b/http/technologies/wordpress/plugins/all-in-one-seo-pack.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/all-in-one-seo-pack/ metadata: - plugin_namespace: all-in-one-seo-pack - wpscan: https://wpscan.com/plugin/all-in-one-seo-pack + wpscan: "https://wpscan.com/plugin/all-in-one-seo-pack" + max-request: 1 + plugin_namespace: "all-in-one-seo-pack" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/all-in-one-wp-migration.yaml b/http/technologies/wordpress/plugins/all-in-one-wp-migration.yaml index 89a17b0c57e..93ed70d74b1 100644 --- a/http/technologies/wordpress/plugins/all-in-one-wp-migration.yaml +++ b/http/technologies/wordpress/plugins/all-in-one-wp-migration.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/all-in-one-wp-migration/ metadata: - plugin_namespace: all-in-one-wp-migration - wpscan: https://wpscan.com/plugin/all-in-one-wp-migration + plugin_namespace: "all-in-one-wp-migration" + wpscan: "https://wpscan.com/plugin/all-in-one-wp-migration" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml b/http/technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml index 5a2b7cf6878..804659b0ed6 100644 --- a/http/technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml +++ b/http/technologies/wordpress/plugins/all-in-one-wp-security-and-firewall.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/ metadata: - plugin_namespace: all-in-one-wp-security-and-firewall - wpscan: https://wpscan.com/plugin/all-in-one-wp-security-and-firewall + plugin_namespace: "all-in-one-wp-security-and-firewall" + wpscan: "https://wpscan.com/plugin/all-in-one-wp-security-and-firewall" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/amp.yaml b/http/technologies/wordpress/plugins/amp.yaml index 583fc1d03ce..58119e58974 100644 --- a/http/technologies/wordpress/plugins/amp.yaml +++ b/http/technologies/wordpress/plugins/amp.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/amp/ metadata: + max-request: 1 plugin_namespace: amp - wpscan: https://wpscan.com/plugin/amp + wpscan: "https://wpscan.com/plugin/amp" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/antispam-bee.yaml b/http/technologies/wordpress/plugins/antispam-bee.yaml index 3c79bf0e235..ad01f9f7c19 100644 --- a/http/technologies/wordpress/plugins/antispam-bee.yaml +++ b/http/technologies/wordpress/plugins/antispam-bee.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/antispam-bee/ metadata: - plugin_namespace: antispam-bee - wpscan: https://wpscan.com/plugin/antispam-bee + plugin_namespace: "antispam-bee" + wpscan: "https://wpscan.com/plugin/antispam-bee" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/astra-sites.yaml b/http/technologies/wordpress/plugins/astra-sites.yaml index a9ca689d726..e83d3b65bf9 100644 --- a/http/technologies/wordpress/plugins/astra-sites.yaml +++ b/http/technologies/wordpress/plugins/astra-sites.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/astra-sites/ metadata: - plugin_namespace: astra-sites - wpscan: https://wpscan.com/plugin/astra-sites + plugin_namespace: "astra-sites" + wpscan: "https://wpscan.com/plugin/astra-sites" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/autoptimize.yaml b/http/technologies/wordpress/plugins/autoptimize.yaml index b71c7820d87..d0179ad4a64 100644 --- a/http/technologies/wordpress/plugins/autoptimize.yaml +++ b/http/technologies/wordpress/plugins/autoptimize.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/autoptimize/ metadata: + max-request: 1 plugin_namespace: autoptimize - wpscan: https://wpscan.com/plugin/autoptimize + wpscan: "https://wpscan.com/plugin/autoptimize" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/backwpup.yaml b/http/technologies/wordpress/plugins/backwpup.yaml index f249aa458c2..b714644b6bc 100644 --- a/http/technologies/wordpress/plugins/backwpup.yaml +++ b/http/technologies/wordpress/plugins/backwpup.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/backwpup/ metadata: + wpscan: "https://wpscan.com/plugin/backwpup" + max-request: 1 plugin_namespace: backwpup - wpscan: https://wpscan.com/plugin/backwpup tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/better-search-replace.yaml b/http/technologies/wordpress/plugins/better-search-replace.yaml index 4c6d9fafd79..7c585b3d73d 100644 --- a/http/technologies/wordpress/plugins/better-search-replace.yaml +++ b/http/technologies/wordpress/plugins/better-search-replace.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/better-search-replace/ metadata: - plugin_namespace: better-search-replace - wpscan: https://wpscan.com/plugin/better-search-replace + max-request: 1 + plugin_namespace: "better-search-replace" + wpscan: "https://wpscan.com/plugin/better-search-replace" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/better-wp-security.yaml b/http/technologies/wordpress/plugins/better-wp-security.yaml index 8ad69ced3e6..a0dfaff2270 100644 --- a/http/technologies/wordpress/plugins/better-wp-security.yaml +++ b/http/technologies/wordpress/plugins/better-wp-security.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/better-wp-security/ metadata: - plugin_namespace: better-wp-security - wpscan: https://wpscan.com/plugin/better-wp-security + plugin_namespace: "better-wp-security" + wpscan: "https://wpscan.com/plugin/better-wp-security" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/black-studio-tinymce-widget.yaml b/http/technologies/wordpress/plugins/black-studio-tinymce-widget.yaml index af8703e53b6..d5f8c67bc04 100644 --- a/http/technologies/wordpress/plugins/black-studio-tinymce-widget.yaml +++ b/http/technologies/wordpress/plugins/black-studio-tinymce-widget.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/black-studio-tinymce-widget/ metadata: - plugin_namespace: black-studio-tinymce-widget - wpscan: https://wpscan.com/plugin/black-studio-tinymce-widget + plugin_namespace: "black-studio-tinymce-widget" + wpscan: "https://wpscan.com/plugin/black-studio-tinymce-widget" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/breadcrumb-navxt.yaml b/http/technologies/wordpress/plugins/breadcrumb-navxt.yaml index 475bd23e9d3..3f9960b4f8a 100644 --- a/http/technologies/wordpress/plugins/breadcrumb-navxt.yaml +++ b/http/technologies/wordpress/plugins/breadcrumb-navxt.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/breadcrumb-navxt/ metadata: - plugin_namespace: breadcrumb-navxt - wpscan: https://wpscan.com/plugin/breadcrumb-navxt + plugin_namespace: "breadcrumb-navxt" + wpscan: "https://wpscan.com/plugin/breadcrumb-navxt" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/breeze.yaml b/http/technologies/wordpress/plugins/breeze.yaml index 6ba6cdfca91..be3df02c4b5 100644 --- a/http/technologies/wordpress/plugins/breeze.yaml +++ b/http/technologies/wordpress/plugins/breeze.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/breeze/ metadata: plugin_namespace: breeze - wpscan: https://wpscan.com/plugin/breeze + wpscan: "https://wpscan.com/plugin/breeze" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/broken-link-checker.yaml b/http/technologies/wordpress/plugins/broken-link-checker.yaml index e1ed7e4d51c..b87f34a92e1 100644 --- a/http/technologies/wordpress/plugins/broken-link-checker.yaml +++ b/http/technologies/wordpress/plugins/broken-link-checker.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/broken-link-checker/ metadata: - plugin_namespace: broken-link-checker - wpscan: https://wpscan.com/plugin/broken-link-checker + plugin_namespace: "broken-link-checker" + wpscan: "https://wpscan.com/plugin/broken-link-checker" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/chaty.yaml b/http/technologies/wordpress/plugins/chaty.yaml index 0a66115111b..886ef85f9b7 100644 --- a/http/technologies/wordpress/plugins/chaty.yaml +++ b/http/technologies/wordpress/plugins/chaty.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/chaty/ metadata: plugin_namespace: chaty - wpscan: https://wpscan.com/plugin/chaty + wpscan: "https://wpscan.com/plugin/chaty" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/child-theme-configurator.yaml b/http/technologies/wordpress/plugins/child-theme-configurator.yaml index e4d73389b8a..4f03932430f 100644 --- a/http/technologies/wordpress/plugins/child-theme-configurator.yaml +++ b/http/technologies/wordpress/plugins/child-theme-configurator.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/child-theme-configurator/ metadata: - plugin_namespace: child-theme-configurator - wpscan: https://wpscan.com/plugin/child-theme-configurator + plugin_namespace: "child-theme-configurator" + wpscan: "https://wpscan.com/plugin/child-theme-configurator" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/classic-editor.yaml b/http/technologies/wordpress/plugins/classic-editor.yaml index a7a0822762e..b47b4246ff3 100644 --- a/http/technologies/wordpress/plugins/classic-editor.yaml +++ b/http/technologies/wordpress/plugins/classic-editor.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/classic-editor/ metadata: - plugin_namespace: classic-editor - wpscan: https://wpscan.com/plugin/classic-editor + plugin_namespace: "classic-editor" + wpscan: "https://wpscan.com/plugin/classic-editor" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/classic-widgets.yaml b/http/technologies/wordpress/plugins/classic-widgets.yaml index d207d260e4d..b780d660bff 100644 --- a/http/technologies/wordpress/plugins/classic-widgets.yaml +++ b/http/technologies/wordpress/plugins/classic-widgets.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/classic-widgets/ metadata: - plugin_namespace: classic-widgets - wpscan: https://wpscan.com/plugin/classic-widgets + wpscan: "https://wpscan.com/plugin/classic-widgets" + max-request: 1 + plugin_namespace: "classic-widgets" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml b/http/technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml index b20add1476c..2618d1ece34 100644 --- a/http/technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml +++ b/http/technologies/wordpress/plugins/click-to-chat-for-whatsapp.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/click-to-chat-for-whatsapp/ metadata: - plugin_namespace: click-to-chat-for-whatsapp - wpscan: https://wpscan.com/plugin/click-to-chat-for-whatsapp + plugin_namespace: "click-to-chat-for-whatsapp" + wpscan: "https://wpscan.com/plugin/click-to-chat-for-whatsapp" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/cmb2.yaml b/http/technologies/wordpress/plugins/cmb2.yaml index f165888bcbc..bae771aba6c 100644 --- a/http/technologies/wordpress/plugins/cmb2.yaml +++ b/http/technologies/wordpress/plugins/cmb2.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/cmb2/ metadata: + max-request: 1 plugin_namespace: cmb2 - wpscan: https://wpscan.com/plugin/cmb2 + wpscan: "https://wpscan.com/plugin/cmb2" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/coblocks.yaml b/http/technologies/wordpress/plugins/coblocks.yaml index 2c1f3db1c9f..14933f8df83 100644 --- a/http/technologies/wordpress/plugins/coblocks.yaml +++ b/http/technologies/wordpress/plugins/coblocks.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/coblocks/ metadata: plugin_namespace: coblocks - wpscan: https://wpscan.com/plugin/coblocks + wpscan: "https://wpscan.com/plugin/coblocks" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/code-snippets.yaml b/http/technologies/wordpress/plugins/code-snippets.yaml index e2630e416e7..dbb3e2110b1 100644 --- a/http/technologies/wordpress/plugins/code-snippets.yaml +++ b/http/technologies/wordpress/plugins/code-snippets.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/code-snippets/ metadata: - plugin_namespace: code-snippets - wpscan: https://wpscan.com/plugin/code-snippets + plugin_namespace: "code-snippets" + wpscan: "https://wpscan.com/plugin/code-snippets" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/coming-soon.yaml b/http/technologies/wordpress/plugins/coming-soon.yaml index 123229bdc7f..25903cc66a0 100644 --- a/http/technologies/wordpress/plugins/coming-soon.yaml +++ b/http/technologies/wordpress/plugins/coming-soon.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/coming-soon/ metadata: - plugin_namespace: coming-soon - wpscan: https://wpscan.com/plugin/coming-soon + plugin_namespace: "coming-soon" + wpscan: "https://wpscan.com/plugin/coming-soon" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/complianz-gdpr.yaml b/http/technologies/wordpress/plugins/complianz-gdpr.yaml index e58166b4498..29e43ff78c6 100644 --- a/http/technologies/wordpress/plugins/complianz-gdpr.yaml +++ b/http/technologies/wordpress/plugins/complianz-gdpr.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/complianz-gdpr/ metadata: - plugin_namespace: complianz-gdpr - wpscan: https://wpscan.com/plugin/complianz-gdpr + wpscan: "https://wpscan.com/plugin/complianz-gdpr" + max-request: 1 + plugin_namespace: "complianz-gdpr" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/contact-form-7-honeypot.yaml b/http/technologies/wordpress/plugins/contact-form-7-honeypot.yaml index 83567dfbfcf..80c31254dc5 100644 --- a/http/technologies/wordpress/plugins/contact-form-7-honeypot.yaml +++ b/http/technologies/wordpress/plugins/contact-form-7-honeypot.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/contact-form-7-honeypot/ metadata: - plugin_namespace: contact-form-7-honeypot - wpscan: https://wpscan.com/plugin/contact-form-7-honeypot + plugin_namespace: "contact-form-7-honeypot" + wpscan: "https://wpscan.com/plugin/contact-form-7-honeypot" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/contact-form-7.yaml b/http/technologies/wordpress/plugins/contact-form-7.yaml index 5ef09d2c89e..bfd0d2ab6aa 100644 --- a/http/technologies/wordpress/plugins/contact-form-7.yaml +++ b/http/technologies/wordpress/plugins/contact-form-7.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/contact-form-7/ metadata: - plugin_namespace: contact-form-7 - wpscan: https://wpscan.com/plugin/contact-form-7 + plugin_namespace: "contact-form-7" + wpscan: "https://wpscan.com/plugin/contact-form-7" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/contact-form-cfdb7.yaml b/http/technologies/wordpress/plugins/contact-form-cfdb7.yaml index a68d09c8ac1..f74b6cc0f03 100644 --- a/http/technologies/wordpress/plugins/contact-form-cfdb7.yaml +++ b/http/technologies/wordpress/plugins/contact-form-cfdb7.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/contact-form-cfdb7/ metadata: - plugin_namespace: contact-form-cfdb7 - wpscan: https://wpscan.com/plugin/contact-form-cfdb7 + plugin_namespace: "contact-form-cfdb7" + wpscan: "https://wpscan.com/plugin/contact-form-cfdb7" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/cookie-law-info.yaml b/http/technologies/wordpress/plugins/cookie-law-info.yaml index 267cdc7cd75..7b21b12dc17 100644 --- a/http/technologies/wordpress/plugins/cookie-law-info.yaml +++ b/http/technologies/wordpress/plugins/cookie-law-info.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/cookie-law-info/ metadata: - plugin_namespace: cookie-law-info - wpscan: https://wpscan.com/plugin/cookie-law-info + plugin_namespace: "cookie-law-info" + wpscan: "https://wpscan.com/plugin/cookie-law-info" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/cookie-notice.yaml b/http/technologies/wordpress/plugins/cookie-notice.yaml index 00ffb137212..f6833916393 100644 --- a/http/technologies/wordpress/plugins/cookie-notice.yaml +++ b/http/technologies/wordpress/plugins/cookie-notice.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/cookie-notice/ metadata: - plugin_namespace: cookie-notice - wpscan: https://wpscan.com/plugin/cookie-notice + plugin_namespace: "cookie-notice" + wpscan: "https://wpscan.com/plugin/cookie-notice" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/copy-delete-posts.yaml b/http/technologies/wordpress/plugins/copy-delete-posts.yaml index 69ecfa8e26b..ac218b17762 100644 --- a/http/technologies/wordpress/plugins/copy-delete-posts.yaml +++ b/http/technologies/wordpress/plugins/copy-delete-posts.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/copy-delete-posts/ metadata: - plugin_namespace: copy-delete-posts - wpscan: https://wpscan.com/plugin/copy-delete-posts + plugin_namespace: "copy-delete-posts" + wpscan: "https://wpscan.com/plugin/copy-delete-posts" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/creame-whatsapp-me.yaml b/http/technologies/wordpress/plugins/creame-whatsapp-me.yaml index 7489def6fae..46567a7d87b 100644 --- a/http/technologies/wordpress/plugins/creame-whatsapp-me.yaml +++ b/http/technologies/wordpress/plugins/creame-whatsapp-me.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/creame-whatsapp-me/ metadata: - plugin_namespace: creame-whatsapp-me - wpscan: https://wpscan.com/plugin/creame-whatsapp-me + plugin_namespace: "creame-whatsapp-me" + wpscan: "https://wpscan.com/plugin/creame-whatsapp-me" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml b/http/technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml index 62d1e16f770..8b7f58d311a 100644 --- a/http/technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml +++ b/http/technologies/wordpress/plugins/creative-mail-by-constant-contact.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/creative-mail-by-constant-contact/ metadata: - plugin_namespace: creative-mail-by-constant-contact - wpscan: https://wpscan.com/plugin/creative-mail-by-constant-contact + plugin_namespace: "creative-mail-by-constant-contact" + wpscan: "https://wpscan.com/plugin/creative-mail-by-constant-contact" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/custom-css-js.yaml b/http/technologies/wordpress/plugins/custom-css-js.yaml index b411439f3b1..4bc45464aa9 100644 --- a/http/technologies/wordpress/plugins/custom-css-js.yaml +++ b/http/technologies/wordpress/plugins/custom-css-js.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/custom-css-js/ metadata: - plugin_namespace: custom-css-js - wpscan: https://wpscan.com/plugin/custom-css-js + wpscan: "https://wpscan.com/plugin/custom-css-js" + max-request: 1 + plugin_namespace: "custom-css-js" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/custom-fonts.yaml b/http/technologies/wordpress/plugins/custom-fonts.yaml index 62cdb01717c..7ef8e177fc9 100644 --- a/http/technologies/wordpress/plugins/custom-fonts.yaml +++ b/http/technologies/wordpress/plugins/custom-fonts.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/custom-fonts/ metadata: - plugin_namespace: custom-fonts - wpscan: https://wpscan.com/plugin/custom-fonts + wpscan: "https://wpscan.com/plugin/custom-fonts" + max-request: 1 + plugin_namespace: "custom-fonts" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/custom-post-type-ui.yaml b/http/technologies/wordpress/plugins/custom-post-type-ui.yaml index 71fc9974d54..347894195b3 100644 --- a/http/technologies/wordpress/plugins/custom-post-type-ui.yaml +++ b/http/technologies/wordpress/plugins/custom-post-type-ui.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/custom-post-type-ui/ metadata: - plugin_namespace: custom-post-type-ui - wpscan: https://wpscan.com/plugin/custom-post-type-ui + max-request: 1 + plugin_namespace: "custom-post-type-ui" + wpscan: "https://wpscan.com/plugin/custom-post-type-ui" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/disable-comments.yaml b/http/technologies/wordpress/plugins/disable-comments.yaml index a8d4d34f714..6c2d09399b0 100644 --- a/http/technologies/wordpress/plugins/disable-comments.yaml +++ b/http/technologies/wordpress/plugins/disable-comments.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/disable-comments/ metadata: - plugin_namespace: disable-comments - wpscan: https://wpscan.com/plugin/disable-comments + plugin_namespace: "disable-comments" + wpscan: "https://wpscan.com/plugin/disable-comments" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/disable-gutenberg.yaml b/http/technologies/wordpress/plugins/disable-gutenberg.yaml index 3f6b1226d3b..26f086ba8da 100644 --- a/http/technologies/wordpress/plugins/disable-gutenberg.yaml +++ b/http/technologies/wordpress/plugins/disable-gutenberg.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/disable-gutenberg/ metadata: - plugin_namespace: disable-gutenberg - wpscan: https://wpscan.com/plugin/disable-gutenberg + plugin_namespace: "disable-gutenberg" + wpscan: "https://wpscan.com/plugin/disable-gutenberg" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/duplicate-page.yaml b/http/technologies/wordpress/plugins/duplicate-page.yaml index 486e8c847d8..5d36c9a17c7 100644 --- a/http/technologies/wordpress/plugins/duplicate-page.yaml +++ b/http/technologies/wordpress/plugins/duplicate-page.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/duplicate-page/ metadata: - plugin_namespace: duplicate-page - wpscan: https://wpscan.com/plugin/duplicate-page + plugin_namespace: "duplicate-page" + wpscan: "https://wpscan.com/plugin/duplicate-page" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/duplicate-post.yaml b/http/technologies/wordpress/plugins/duplicate-post.yaml index bdb5a1d9be4..1d3e757968b 100644 --- a/http/technologies/wordpress/plugins/duplicate-post.yaml +++ b/http/technologies/wordpress/plugins/duplicate-post.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/duplicate-post/ metadata: - plugin_namespace: duplicate-post - wpscan: https://wpscan.com/plugin/duplicate-post + plugin_namespace: "duplicate-post" + wpscan: "https://wpscan.com/plugin/duplicate-post" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/duplicator.yaml b/http/technologies/wordpress/plugins/duplicator.yaml index a783c29f971..8cd9a89ee66 100644 --- a/http/technologies/wordpress/plugins/duplicator.yaml +++ b/http/technologies/wordpress/plugins/duplicator.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/duplicator/ metadata: plugin_namespace: duplicator - wpscan: https://wpscan.com/plugin/duplicator + wpscan: "https://wpscan.com/plugin/duplicator" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml b/http/technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml index 1ec5d8eeff9..17d97e83417 100644 --- a/http/technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml +++ b/http/technologies/wordpress/plugins/duracelltomi-google-tag-manager.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/duracelltomi-google-tag-manager/ metadata: - plugin_namespace: duracelltomi-google-tag-manager - wpscan: https://wpscan.com/plugin/duracelltomi-google-tag-manager + plugin_namespace: "duracelltomi-google-tag-manager" + wpscan: "https://wpscan.com/plugin/duracelltomi-google-tag-manager" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/easy-table-of-contents.yaml b/http/technologies/wordpress/plugins/easy-table-of-contents.yaml index 6f387e55ddd..a87526dc184 100644 --- a/http/technologies/wordpress/plugins/easy-table-of-contents.yaml +++ b/http/technologies/wordpress/plugins/easy-table-of-contents.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/easy-table-of-contents/ metadata: - plugin_namespace: easy-table-of-contents - wpscan: https://wpscan.com/plugin/easy-table-of-contents + plugin_namespace: "easy-table-of-contents" + wpscan: "https://wpscan.com/plugin/easy-table-of-contents" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/easy-wp-smtp.yaml b/http/technologies/wordpress/plugins/easy-wp-smtp.yaml index 3a66626e6f7..a6784bf4149 100644 --- a/http/technologies/wordpress/plugins/easy-wp-smtp.yaml +++ b/http/technologies/wordpress/plugins/easy-wp-smtp.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/easy-wp-smtp/ metadata: - plugin_namespace: easy-wp-smtp - wpscan: https://wpscan.com/plugin/easy-wp-smtp + plugin_namespace: "easy-wp-smtp" + wpscan: "https://wpscan.com/plugin/easy-wp-smtp" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/elementor.yaml b/http/technologies/wordpress/plugins/elementor.yaml index c946f64962f..4847cee8ae7 100644 --- a/http/technologies/wordpress/plugins/elementor.yaml +++ b/http/technologies/wordpress/plugins/elementor.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/elementor/ metadata: + wpscan: "https://wpscan.com/plugin/elementor" + max-request: 1 plugin_namespace: elementor - wpscan: https://wpscan.com/plugin/elementor tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/elementskit-lite.yaml b/http/technologies/wordpress/plugins/elementskit-lite.yaml index 58b0a69c22d..13a007e822b 100644 --- a/http/technologies/wordpress/plugins/elementskit-lite.yaml +++ b/http/technologies/wordpress/plugins/elementskit-lite.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/elementskit-lite/ metadata: - plugin_namespace: elementskit-lite - wpscan: https://wpscan.com/plugin/elementskit-lite + plugin_namespace: "elementskit-lite" + wpscan: "https://wpscan.com/plugin/elementskit-lite" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/enable-media-replace.yaml b/http/technologies/wordpress/plugins/enable-media-replace.yaml index 39f4da0cac9..41fff9273dd 100644 --- a/http/technologies/wordpress/plugins/enable-media-replace.yaml +++ b/http/technologies/wordpress/plugins/enable-media-replace.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/enable-media-replace/ metadata: - plugin_namespace: enable-media-replace - wpscan: https://wpscan.com/plugin/enable-media-replace + plugin_namespace: "enable-media-replace" + wpscan: "https://wpscan.com/plugin/enable-media-replace" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/envato-elements.yaml b/http/technologies/wordpress/plugins/envato-elements.yaml index 485663c063d..4ba728ec1eb 100644 --- a/http/technologies/wordpress/plugins/envato-elements.yaml +++ b/http/technologies/wordpress/plugins/envato-elements.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/envato-elements/ metadata: - plugin_namespace: envato-elements - wpscan: https://wpscan.com/plugin/envato-elements + plugin_namespace: "envato-elements" + wpscan: "https://wpscan.com/plugin/envato-elements" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml b/http/technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml index b25e9004925..acfdde933e8 100644 --- a/http/technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml +++ b/http/technologies/wordpress/plugins/essential-addons-for-elementor-lite.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/essential-addons-for-elementor-lite/ metadata: - plugin_namespace: essential-addons-for-elementor-lite - wpscan: https://wpscan.com/plugin/essential-addons-for-elementor-lite + wpscan: "https://wpscan.com/plugin/essential-addons-for-elementor-lite" + max-request: 1 + plugin_namespace: "essential-addons-for-elementor-lite" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/ewww-image-optimizer.yaml b/http/technologies/wordpress/plugins/ewww-image-optimizer.yaml index 020e6ba72d5..c630e47ac3a 100644 --- a/http/technologies/wordpress/plugins/ewww-image-optimizer.yaml +++ b/http/technologies/wordpress/plugins/ewww-image-optimizer.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/ewww-image-optimizer/ metadata: - plugin_namespace: ewww-image-optimizer - wpscan: https://wpscan.com/plugin/ewww-image-optimizer + plugin_namespace: "ewww-image-optimizer" + wpscan: "https://wpscan.com/plugin/ewww-image-optimizer" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/extendify.yaml b/http/technologies/wordpress/plugins/extendify.yaml index cbefa57d4f0..27f894b03db 100644 --- a/http/technologies/wordpress/plugins/extendify.yaml +++ b/http/technologies/wordpress/plugins/extendify.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/extendify/ metadata: plugin_namespace: extendify - wpscan: https://wpscan.com/plugin/extendify + wpscan: "https://wpscan.com/plugin/extendify" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/facebook-for-woocommerce.yaml b/http/technologies/wordpress/plugins/facebook-for-woocommerce.yaml index 1cc39368a51..55c7b85fa93 100644 --- a/http/technologies/wordpress/plugins/facebook-for-woocommerce.yaml +++ b/http/technologies/wordpress/plugins/facebook-for-woocommerce.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/facebook-for-woocommerce/ metadata: - plugin_namespace: facebook-for-woocommerce - wpscan: https://wpscan.com/plugin/facebook-for-woocommerce + wpscan: "https://wpscan.com/plugin/facebook-for-woocommerce" + max-request: 1 + plugin_namespace: "facebook-for-woocommerce" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/fast-indexing-api.yaml b/http/technologies/wordpress/plugins/fast-indexing-api.yaml index 42464d1fbb0..97c001b9e99 100644 --- a/http/technologies/wordpress/plugins/fast-indexing-api.yaml +++ b/http/technologies/wordpress/plugins/fast-indexing-api.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/fast-indexing-api/ metadata: - plugin_namespace: fast-indexing-api - wpscan: https://wpscan.com/plugin/fast-indexing-api + plugin_namespace: "fast-indexing-api" + wpscan: "https://wpscan.com/plugin/fast-indexing-api" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml b/http/technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml index 39ea256a0f1..ce7fee0e3e3 100644 --- a/http/technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml +++ b/http/technologies/wordpress/plugins/favicon-by-realfavicongenerator.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/favicon-by-realfavicongenerator/ metadata: - plugin_namespace: favicon-by-realfavicongenerator - wpscan: https://wpscan.com/plugin/favicon-by-realfavicongenerator + plugin_namespace: "favicon-by-realfavicongenerator" + wpscan: "https://wpscan.com/plugin/favicon-by-realfavicongenerator" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/flamingo.yaml b/http/technologies/wordpress/plugins/flamingo.yaml index c9a10533e00..d8123a55726 100644 --- a/http/technologies/wordpress/plugins/flamingo.yaml +++ b/http/technologies/wordpress/plugins/flamingo.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/flamingo/ metadata: plugin_namespace: flamingo - wpscan: https://wpscan.com/plugin/flamingo + wpscan: "https://wpscan.com/plugin/flamingo" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/fluent-smtp.yaml b/http/technologies/wordpress/plugins/fluent-smtp.yaml index 19879123ea5..90faa4316ad 100644 --- a/http/technologies/wordpress/plugins/fluent-smtp.yaml +++ b/http/technologies/wordpress/plugins/fluent-smtp.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/fluent-smtp/ metadata: - plugin_namespace: fluent-smtp - wpscan: https://wpscan.com/plugin/fluent-smtp + wpscan: "https://wpscan.com/plugin/fluent-smtp" + max-request: 1 + plugin_namespace: "fluent-smtp" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/fluentform.yaml b/http/technologies/wordpress/plugins/fluentform.yaml index 1752dd82426..db43527292f 100644 --- a/http/technologies/wordpress/plugins/fluentform.yaml +++ b/http/technologies/wordpress/plugins/fluentform.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/fluentform/ metadata: plugin_namespace: fluentform - wpscan: https://wpscan.com/plugin/fluentform + wpscan: "https://wpscan.com/plugin/fluentform" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/font-awesome.yaml b/http/technologies/wordpress/plugins/font-awesome.yaml index 4f5c825166f..45ac434b2ad 100644 --- a/http/technologies/wordpress/plugins/font-awesome.yaml +++ b/http/technologies/wordpress/plugins/font-awesome.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/font-awesome/ metadata: - plugin_namespace: font-awesome - wpscan: https://wpscan.com/plugin/font-awesome + plugin_namespace: "font-awesome" + wpscan: "https://wpscan.com/plugin/font-awesome" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/force-regenerate-thumbnails.yaml b/http/technologies/wordpress/plugins/force-regenerate-thumbnails.yaml index fb27f105f44..0b3220cf07b 100644 --- a/http/technologies/wordpress/plugins/force-regenerate-thumbnails.yaml +++ b/http/technologies/wordpress/plugins/force-regenerate-thumbnails.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/force-regenerate-thumbnails/ metadata: - plugin_namespace: force-regenerate-thumbnails - wpscan: https://wpscan.com/plugin/force-regenerate-thumbnails + plugin_namespace: "force-regenerate-thumbnails" + wpscan: "https://wpscan.com/plugin/force-regenerate-thumbnails" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/formidable.yaml b/http/technologies/wordpress/plugins/formidable.yaml index 731b1f562f0..d077feeef77 100644 --- a/http/technologies/wordpress/plugins/formidable.yaml +++ b/http/technologies/wordpress/plugins/formidable.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/formidable/ metadata: plugin_namespace: formidable - wpscan: https://wpscan.com/plugin/formidable + wpscan: "https://wpscan.com/plugin/formidable" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/forminator.yaml b/http/technologies/wordpress/plugins/forminator.yaml index f43d4d4968f..da547b51b40 100644 --- a/http/technologies/wordpress/plugins/forminator.yaml +++ b/http/technologies/wordpress/plugins/forminator.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/forminator/ metadata: plugin_namespace: forminator - wpscan: https://wpscan.com/plugin/forminator + wpscan: "https://wpscan.com/plugin/forminator" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/ga-google-analytics.yaml b/http/technologies/wordpress/plugins/ga-google-analytics.yaml index 6e6f7edc718..3253b000adc 100644 --- a/http/technologies/wordpress/plugins/ga-google-analytics.yaml +++ b/http/technologies/wordpress/plugins/ga-google-analytics.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/ga-google-analytics/ metadata: - plugin_namespace: ga-google-analytics - wpscan: https://wpscan.com/plugin/ga-google-analytics + wpscan: "https://wpscan.com/plugin/ga-google-analytics" + max-request: 1 + plugin_namespace: "ga-google-analytics" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/gdpr-cookie-compliance.yaml b/http/technologies/wordpress/plugins/gdpr-cookie-compliance.yaml index 3e1b2cd87fe..d8cf5f2f605 100644 --- a/http/technologies/wordpress/plugins/gdpr-cookie-compliance.yaml +++ b/http/technologies/wordpress/plugins/gdpr-cookie-compliance.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/gdpr-cookie-compliance/ metadata: - plugin_namespace: gdpr-cookie-compliance - wpscan: https://wpscan.com/plugin/gdpr-cookie-compliance + max-request: 1 + plugin_namespace: "gdpr-cookie-compliance" + wpscan: "https://wpscan.com/plugin/gdpr-cookie-compliance" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/give.yaml b/http/technologies/wordpress/plugins/give.yaml index e1bfa4c8200..92bd2781256 100644 --- a/http/technologies/wordpress/plugins/give.yaml +++ b/http/technologies/wordpress/plugins/give.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/give/ metadata: + max-request: 1 plugin_namespace: give - wpscan: https://wpscan.com/plugin/give + wpscan: "https://wpscan.com/plugin/give" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml b/http/technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml index 6bd32407b76..089547f7ae5 100644 --- a/http/technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml +++ b/http/technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/google-analytics-dashboard-for-wp/ metadata: - plugin_namespace: google-analytics-dashboard-for-wp - wpscan: https://wpscan.com/plugin/google-analytics-dashboard-for-wp + max-request: 1 + plugin_namespace: "google-analytics-dashboard-for-wp" + wpscan: "https://wpscan.com/plugin/google-analytics-dashboard-for-wp" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/google-analytics-for-wordpress.yaml b/http/technologies/wordpress/plugins/google-analytics-for-wordpress.yaml index d6bddeda268..676f6cdd826 100644 --- a/http/technologies/wordpress/plugins/google-analytics-for-wordpress.yaml +++ b/http/technologies/wordpress/plugins/google-analytics-for-wordpress.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/google-analytics-for-wordpress/ metadata: - plugin_namespace: google-analytics-for-wordpress - wpscan: https://wpscan.com/plugin/google-analytics-for-wordpress + plugin_namespace: "google-analytics-for-wordpress" + wpscan: "https://wpscan.com/plugin/google-analytics-for-wordpress" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/google-listings-and-ads.yaml b/http/technologies/wordpress/plugins/google-listings-and-ads.yaml index 5d47121ee14..9a74c15d89d 100644 --- a/http/technologies/wordpress/plugins/google-listings-and-ads.yaml +++ b/http/technologies/wordpress/plugins/google-listings-and-ads.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/google-listings-and-ads/ metadata: - plugin_namespace: google-listings-and-ads - wpscan: https://wpscan.com/plugin/google-listings-and-ads + plugin_namespace: "google-listings-and-ads" + wpscan: "https://wpscan.com/plugin/google-listings-and-ads" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/google-site-kit.yaml b/http/technologies/wordpress/plugins/google-site-kit.yaml index 9da02ab0d6d..daa5371a96f 100644 --- a/http/technologies/wordpress/plugins/google-site-kit.yaml +++ b/http/technologies/wordpress/plugins/google-site-kit.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/google-site-kit/ metadata: - plugin_namespace: google-site-kit - wpscan: https://wpscan.com/plugin/google-site-kit + plugin_namespace: "google-site-kit" + wpscan: "https://wpscan.com/plugin/google-site-kit" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/google-sitemap-generator.yaml b/http/technologies/wordpress/plugins/google-sitemap-generator.yaml index edf2391b15c..bd5f29f7bd6 100644 --- a/http/technologies/wordpress/plugins/google-sitemap-generator.yaml +++ b/http/technologies/wordpress/plugins/google-sitemap-generator.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/google-sitemap-generator/ metadata: - plugin_namespace: google-sitemap-generator - wpscan: https://wpscan.com/plugin/google-sitemap-generator + plugin_namespace: "google-sitemap-generator" + wpscan: "https://wpscan.com/plugin/google-sitemap-generator" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/gtranslate.yaml b/http/technologies/wordpress/plugins/gtranslate.yaml index 24fe480acb2..2d94421091b 100644 --- a/http/technologies/wordpress/plugins/gtranslate.yaml +++ b/http/technologies/wordpress/plugins/gtranslate.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/gtranslate/ metadata: plugin_namespace: gtranslate - wpscan: https://wpscan.com/plugin/gtranslate + wpscan: "https://wpscan.com/plugin/gtranslate" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/gutenberg.yaml b/http/technologies/wordpress/plugins/gutenberg.yaml index 2104425f5ea..c0cddb36509 100644 --- a/http/technologies/wordpress/plugins/gutenberg.yaml +++ b/http/technologies/wordpress/plugins/gutenberg.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/gutenberg/ metadata: plugin_namespace: gutenberg - wpscan: https://wpscan.com/plugin/gutenberg + wpscan: "https://wpscan.com/plugin/gutenberg" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/happy-elementor-addons.yaml b/http/technologies/wordpress/plugins/happy-elementor-addons.yaml index df5c746c67e..f53f666a66f 100644 --- a/http/technologies/wordpress/plugins/happy-elementor-addons.yaml +++ b/http/technologies/wordpress/plugins/happy-elementor-addons.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/happy-elementor-addons/ metadata: - plugin_namespace: happy-elementor-addons - wpscan: https://wpscan.com/plugin/happy-elementor-addons + plugin_namespace: "happy-elementor-addons" + wpscan: "https://wpscan.com/plugin/happy-elementor-addons" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/header-footer-code-manager.yaml b/http/technologies/wordpress/plugins/header-footer-code-manager.yaml index 142aa2d41e0..6bdef94d2a7 100644 --- a/http/technologies/wordpress/plugins/header-footer-code-manager.yaml +++ b/http/technologies/wordpress/plugins/header-footer-code-manager.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/header-footer-code-manager/ metadata: - plugin_namespace: header-footer-code-manager - wpscan: https://wpscan.com/plugin/header-footer-code-manager + plugin_namespace: "header-footer-code-manager" + wpscan: "https://wpscan.com/plugin/header-footer-code-manager" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/header-footer-elementor.yaml b/http/technologies/wordpress/plugins/header-footer-elementor.yaml index 5c3cdae0dbd..ea8271bb0a5 100644 --- a/http/technologies/wordpress/plugins/header-footer-elementor.yaml +++ b/http/technologies/wordpress/plugins/header-footer-elementor.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/header-footer-elementor/ metadata: - plugin_namespace: header-footer-elementor - wpscan: https://wpscan.com/plugin/header-footer-elementor + max-request: 1 + plugin_namespace: "header-footer-elementor" + wpscan: "https://wpscan.com/plugin/header-footer-elementor" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/header-footer.yaml b/http/technologies/wordpress/plugins/header-footer.yaml index b037f7779a9..2779205446d 100644 --- a/http/technologies/wordpress/plugins/header-footer.yaml +++ b/http/technologies/wordpress/plugins/header-footer.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/header-footer/ metadata: - plugin_namespace: header-footer - wpscan: https://wpscan.com/plugin/header-footer + plugin_namespace: "header-footer" + wpscan: "https://wpscan.com/plugin/header-footer" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/health-check.yaml b/http/technologies/wordpress/plugins/health-check.yaml index 4eaba432feb..57eab3fe042 100644 --- a/http/technologies/wordpress/plugins/health-check.yaml +++ b/http/technologies/wordpress/plugins/health-check.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/health-check/ metadata: - plugin_namespace: health-check - wpscan: https://wpscan.com/plugin/health-check + plugin_namespace: "health-check" + wpscan: "https://wpscan.com/plugin/health-check" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/hello-dolly.yaml b/http/technologies/wordpress/plugins/hello-dolly.yaml index df16c763152..af0e02c111d 100644 --- a/http/technologies/wordpress/plugins/hello-dolly.yaml +++ b/http/technologies/wordpress/plugins/hello-dolly.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/hello-dolly/ metadata: - plugin_namespace: hello-dolly - wpscan: https://wpscan.com/plugin/hello-dolly + plugin_namespace: "hello-dolly" + wpscan: "https://wpscan.com/plugin/hello-dolly" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/host-webfonts-local.yaml b/http/technologies/wordpress/plugins/host-webfonts-local.yaml index 84964a449a8..a850ca24cb4 100644 --- a/http/technologies/wordpress/plugins/host-webfonts-local.yaml +++ b/http/technologies/wordpress/plugins/host-webfonts-local.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/host-webfonts-local/ metadata: - plugin_namespace: host-webfonts-local - wpscan: https://wpscan.com/plugin/host-webfonts-local + plugin_namespace: "host-webfonts-local" + wpscan: "https://wpscan.com/plugin/host-webfonts-local" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/hostinger.yaml b/http/technologies/wordpress/plugins/hostinger.yaml index f9882d6af4a..ccf3ef156cf 100644 --- a/http/technologies/wordpress/plugins/hostinger.yaml +++ b/http/technologies/wordpress/plugins/hostinger.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/hostinger/ metadata: + max-request: 1 plugin_namespace: hostinger - wpscan: https://wpscan.com/plugin/hostinger + wpscan: "https://wpscan.com/plugin/hostinger" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/image-optimization.yaml b/http/technologies/wordpress/plugins/image-optimization.yaml index dc1c0dbe643..fac2beb58cd 100644 --- a/http/technologies/wordpress/plugins/image-optimization.yaml +++ b/http/technologies/wordpress/plugins/image-optimization.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/image-optimization/ metadata: - plugin_namespace: image-optimization - wpscan: https://wpscan.com/plugin/image-optimization + max-request: 1 + plugin_namespace: "image-optimization" + wpscan: "https://wpscan.com/plugin/image-optimization" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/imagify.yaml b/http/technologies/wordpress/plugins/imagify.yaml index 5a2785492e8..63cd04daefa 100644 --- a/http/technologies/wordpress/plugins/imagify.yaml +++ b/http/technologies/wordpress/plugins/imagify.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/imagify/ metadata: plugin_namespace: imagify - wpscan: https://wpscan.com/plugin/imagify + wpscan: "https://wpscan.com/plugin/imagify" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/imsanity.yaml b/http/technologies/wordpress/plugins/imsanity.yaml index 7cb968375ed..58fca18b71d 100644 --- a/http/technologies/wordpress/plugins/imsanity.yaml +++ b/http/technologies/wordpress/plugins/imsanity.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/imsanity/ metadata: plugin_namespace: imsanity - wpscan: https://wpscan.com/plugin/imsanity + wpscan: "https://wpscan.com/plugin/imsanity" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/inpost-for-woocommerce.yaml b/http/technologies/wordpress/plugins/inpost-for-woocommerce.yaml index 27043edf385..b714f0e3f16 100644 --- a/http/technologies/wordpress/plugins/inpost-for-woocommerce.yaml +++ b/http/technologies/wordpress/plugins/inpost-for-woocommerce.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/inpost-for-woocommerce/ metadata: - plugin_namespace: inpost-for-woocommerce - wpscan: https://wpscan.com/plugin/inpost-for-woocommerce/ + plugin_namespace: "inpost-for-woocommerce" + wpscan: "https://wpscan.com/plugin/inpost-for-woocommerce/" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/insert-headers-and-footers.yaml b/http/technologies/wordpress/plugins/insert-headers-and-footers.yaml index e5dd71bb54c..f69bee0764c 100644 --- a/http/technologies/wordpress/plugins/insert-headers-and-footers.yaml +++ b/http/technologies/wordpress/plugins/insert-headers-and-footers.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/insert-headers-and-footers/ metadata: - plugin_namespace: insert-headers-and-footers - wpscan: https://wpscan.com/plugin/insert-headers-and-footers + plugin_namespace: "insert-headers-and-footers" + wpscan: "https://wpscan.com/plugin/insert-headers-and-footers" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/instagram-feed.yaml b/http/technologies/wordpress/plugins/instagram-feed.yaml index 296ee6867ad..c131a615fa9 100644 --- a/http/technologies/wordpress/plugins/instagram-feed.yaml +++ b/http/technologies/wordpress/plugins/instagram-feed.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/instagram-feed/ metadata: - plugin_namespace: instagram-feed - wpscan: https://wpscan.com/plugin/instagram-feed + plugin_namespace: "instagram-feed" + wpscan: "https://wpscan.com/plugin/instagram-feed" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/intuitive-custom-post-order.yaml b/http/technologies/wordpress/plugins/intuitive-custom-post-order.yaml index 47925b4cbb0..e57c0d44c4a 100644 --- a/http/technologies/wordpress/plugins/intuitive-custom-post-order.yaml +++ b/http/technologies/wordpress/plugins/intuitive-custom-post-order.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/intuitive-custom-post-order/ metadata: - plugin_namespace: intuitive-custom-post-order - wpscan: https://wpscan.com/plugin/intuitive-custom-post-order + plugin_namespace: "intuitive-custom-post-order" + wpscan: "https://wpscan.com/plugin/intuitive-custom-post-order" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/iwp-client.yaml b/http/technologies/wordpress/plugins/iwp-client.yaml index 1e396e565d6..060cfcaf4e9 100644 --- a/http/technologies/wordpress/plugins/iwp-client.yaml +++ b/http/technologies/wordpress/plugins/iwp-client.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/iwp-client/ metadata: - plugin_namespace: iwp-client - wpscan: https://wpscan.com/plugin/iwp-client + plugin_namespace: "iwp-client" + wpscan: "https://wpscan.com/plugin/iwp-client" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/jetpack-boost.yaml b/http/technologies/wordpress/plugins/jetpack-boost.yaml index 8313a8d046f..a8cc9adcea4 100644 --- a/http/technologies/wordpress/plugins/jetpack-boost.yaml +++ b/http/technologies/wordpress/plugins/jetpack-boost.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/jetpack-boost/ metadata: - plugin_namespace: jetpack-boost - wpscan: https://wpscan.com/plugin/jetpack-boost + plugin_namespace: "jetpack-boost" + wpscan: "https://wpscan.com/plugin/jetpack-boost" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/jetpack.yaml b/http/technologies/wordpress/plugins/jetpack.yaml index 0f2809150c5..7aaa4ba162e 100644 --- a/http/technologies/wordpress/plugins/jetpack.yaml +++ b/http/technologies/wordpress/plugins/jetpack.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/jetpack/ metadata: plugin_namespace: jetpack - wpscan: https://wpscan.com/plugin/jetpack + wpscan: "https://wpscan.com/plugin/jetpack" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/kadence-blocks.yaml b/http/technologies/wordpress/plugins/kadence-blocks.yaml index f96a3764074..08b46399fa5 100644 --- a/http/technologies/wordpress/plugins/kadence-blocks.yaml +++ b/http/technologies/wordpress/plugins/kadence-blocks.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/kadence-blocks/ metadata: - plugin_namespace: kadence-blocks - wpscan: https://wpscan.com/plugin/kadence-blocks + plugin_namespace: "kadence-blocks" + wpscan: "https://wpscan.com/plugin/kadence-blocks" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/kirki.yaml b/http/technologies/wordpress/plugins/kirki.yaml index dbcf56024a4..925b1fb6f79 100644 --- a/http/technologies/wordpress/plugins/kirki.yaml +++ b/http/technologies/wordpress/plugins/kirki.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/kirki/ metadata: plugin_namespace: kirki - wpscan: https://wpscan.com/plugin/kirki + wpscan: "https://wpscan.com/plugin/kirki" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/leadin.yaml b/http/technologies/wordpress/plugins/leadin.yaml index a0beff66d98..65751008328 100644 --- a/http/technologies/wordpress/plugins/leadin.yaml +++ b/http/technologies/wordpress/plugins/leadin.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/leadin/ metadata: plugin_namespace: leadin - wpscan: https://wpscan.com/plugin/leadin + wpscan: "https://wpscan.com/plugin/leadin" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml b/http/technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml index 3fcce904bc6..0d495fab547 100644 --- a/http/technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml +++ b/http/technologies/wordpress/plugins/limit-login-attempts-reloaded.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/limit-login-attempts-reloaded/ metadata: - plugin_namespace: limit-login-attempts-reloaded - wpscan: https://wpscan.com/plugin/limit-login-attempts-reloaded + plugin_namespace: "limit-login-attempts-reloaded" + wpscan: "https://wpscan.com/plugin/limit-login-attempts-reloaded" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/limit-login-attempts.yaml b/http/technologies/wordpress/plugins/limit-login-attempts.yaml index f48e4894d43..e0746a99213 100644 --- a/http/technologies/wordpress/plugins/limit-login-attempts.yaml +++ b/http/technologies/wordpress/plugins/limit-login-attempts.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/limit-login-attempts/ metadata: - plugin_namespace: limit-login-attempts - wpscan: https://wpscan.com/plugin/limit-login-attempts + plugin_namespace: "limit-login-attempts" + wpscan: "https://wpscan.com/plugin/limit-login-attempts" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/litespeed-cache.yaml b/http/technologies/wordpress/plugins/litespeed-cache.yaml index 2189a4defe9..780304ee0b0 100644 --- a/http/technologies/wordpress/plugins/litespeed-cache.yaml +++ b/http/technologies/wordpress/plugins/litespeed-cache.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/litespeed-cache/ metadata: - plugin_namespace: litespeed-cache - wpscan: https://wpscan.com/plugin/litespeed-cache + plugin_namespace: "litespeed-cache" + wpscan: "https://wpscan.com/plugin/litespeed-cache" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/loco-translate.yaml b/http/technologies/wordpress/plugins/loco-translate.yaml index 4dab16e0466..3e5a64bfaef 100644 --- a/http/technologies/wordpress/plugins/loco-translate.yaml +++ b/http/technologies/wordpress/plugins/loco-translate.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/loco-translate/ metadata: - plugin_namespace: loco-translate - wpscan: https://wpscan.com/plugin/loco-translate + plugin_namespace: "loco-translate" + wpscan: "https://wpscan.com/plugin/loco-translate" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/loginizer.yaml b/http/technologies/wordpress/plugins/loginizer.yaml index 211bfcfe955..a4aa8164448 100644 --- a/http/technologies/wordpress/plugins/loginizer.yaml +++ b/http/technologies/wordpress/plugins/loginizer.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/loginizer/ metadata: plugin_namespace: loginizer - wpscan: https://wpscan.com/plugin/loginizer + wpscan: "https://wpscan.com/plugin/loginizer" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml b/http/technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml index aad70772c11..42fe233ea0b 100644 --- a/http/technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml +++ b/http/technologies/wordpress/plugins/mailchimp-for-woocommerce.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/mailchimp-for-woocommerce/ metadata: - plugin_namespace: mailchimp-for-woocommerce - wpscan: https://wpscan.com/plugin/mailchimp-for-woocommerce + plugin_namespace: "mailchimp-for-woocommerce" + wpscan: "https://wpscan.com/plugin/mailchimp-for-woocommerce" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/mailchimp-for-wp.yaml b/http/technologies/wordpress/plugins/mailchimp-for-wp.yaml index ddacaf20a59..ded95372404 100644 --- a/http/technologies/wordpress/plugins/mailchimp-for-wp.yaml +++ b/http/technologies/wordpress/plugins/mailchimp-for-wp.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/mailchimp-for-wp/ metadata: - plugin_namespace: mailchimp-for-wp - wpscan: https://wpscan.com/plugin/mailchimp-for-wp + plugin_namespace: "mailchimp-for-wp" + wpscan: "https://wpscan.com/plugin/mailchimp-for-wp" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/mailpoet.yaml b/http/technologies/wordpress/plugins/mailpoet.yaml index 040cb3d13bd..8956543ff6f 100644 --- a/http/technologies/wordpress/plugins/mailpoet.yaml +++ b/http/technologies/wordpress/plugins/mailpoet.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/mailpoet/ metadata: plugin_namespace: mailpoet - wpscan: https://wpscan.com/plugin/mailpoet + wpscan: "https://wpscan.com/plugin/mailpoet" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/maintenance.yaml b/http/technologies/wordpress/plugins/maintenance.yaml index 9e3f37d9478..fed28a7917e 100644 --- a/http/technologies/wordpress/plugins/maintenance.yaml +++ b/http/technologies/wordpress/plugins/maintenance.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/maintenance/ metadata: plugin_namespace: maintenance - wpscan: https://wpscan.com/plugin/maintenance + wpscan: "https://wpscan.com/plugin/maintenance" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/mainwp-child.yaml b/http/technologies/wordpress/plugins/mainwp-child.yaml index 59373721108..afa5dd668cb 100644 --- a/http/technologies/wordpress/plugins/mainwp-child.yaml +++ b/http/technologies/wordpress/plugins/mainwp-child.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/mainwp-child/ metadata: - plugin_namespace: mainwp-child - wpscan: https://wpscan.com/plugin/mainwp-child + plugin_namespace: "mainwp-child" + wpscan: "https://wpscan.com/plugin/mainwp-child" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/malcare-security.yaml b/http/technologies/wordpress/plugins/malcare-security.yaml index c734c671c11..51ddd8b01b3 100644 --- a/http/technologies/wordpress/plugins/malcare-security.yaml +++ b/http/technologies/wordpress/plugins/malcare-security.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/malcare-security/ metadata: - plugin_namespace: malcare-security - wpscan: https://wpscan.com/plugin/malcare-security + plugin_namespace: "malcare-security" + wpscan: "https://wpscan.com/plugin/malcare-security" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/megamenu.yaml b/http/technologies/wordpress/plugins/megamenu.yaml index bf48e9dcbf6..ebcfe6d1d46 100644 --- a/http/technologies/wordpress/plugins/megamenu.yaml +++ b/http/technologies/wordpress/plugins/megamenu.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/megamenu/ metadata: plugin_namespace: megamenu - wpscan: https://wpscan.com/plugin/megamenu + wpscan: "https://wpscan.com/plugin/megamenu" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/members.yaml b/http/technologies/wordpress/plugins/members.yaml index 9eb63ea3702..01cfd186e1b 100644 --- a/http/technologies/wordpress/plugins/members.yaml +++ b/http/technologies/wordpress/plugins/members.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/members/ metadata: + wpscan: "https://wpscan.com/plugin/members" + max-request: 1 plugin_namespace: members - wpscan: https://wpscan.com/plugin/members tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/meta-box.yaml b/http/technologies/wordpress/plugins/meta-box.yaml index e1fd7b2ba2b..7b52b0efb50 100644 --- a/http/technologies/wordpress/plugins/meta-box.yaml +++ b/http/technologies/wordpress/plugins/meta-box.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/meta-box/ metadata: - plugin_namespace: meta-box - wpscan: https://wpscan.com/plugin/meta-box + wpscan: "https://wpscan.com/plugin/meta-box" + max-request: 1 + plugin_namespace: "meta-box" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/metform.yaml b/http/technologies/wordpress/plugins/metform.yaml index 69326d6bda9..1c0749e2eed 100644 --- a/http/technologies/wordpress/plugins/metform.yaml +++ b/http/technologies/wordpress/plugins/metform.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/metform/ metadata: plugin_namespace: metform - wpscan: https://wpscan.com/plugin/metform + wpscan: "https://wpscan.com/plugin/metform" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/ml-slider.yaml b/http/technologies/wordpress/plugins/ml-slider.yaml index 7d1a44ac8da..eb3e57914ae 100644 --- a/http/technologies/wordpress/plugins/ml-slider.yaml +++ b/http/technologies/wordpress/plugins/ml-slider.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/ml-slider/ metadata: - plugin_namespace: ml-slider - wpscan: https://wpscan.com/plugin/ml-slider + plugin_namespace: "ml-slider" + wpscan: "https://wpscan.com/plugin/ml-slider" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/newsletter.yaml b/http/technologies/wordpress/plugins/newsletter.yaml index 99be89991eb..e01d351cdcf 100644 --- a/http/technologies/wordpress/plugins/newsletter.yaml +++ b/http/technologies/wordpress/plugins/newsletter.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/newsletter/ metadata: plugin_namespace: newsletter - wpscan: https://wpscan.com/plugin/newsletter + wpscan: "https://wpscan.com/plugin/newsletter" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/nextend-facebook-connect.yaml b/http/technologies/wordpress/plugins/nextend-facebook-connect.yaml index 2d991ce215d..636b82f96bb 100644 --- a/http/technologies/wordpress/plugins/nextend-facebook-connect.yaml +++ b/http/technologies/wordpress/plugins/nextend-facebook-connect.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/nextend-facebook-connect/ metadata: - plugin_namespace: nextend-facebook-connect - wpscan: https://wpscan.com/plugin/nextend-facebook-connect + plugin_namespace: "nextend-facebook-connect" + wpscan: "https://wpscan.com/plugin/nextend-facebook-connect" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/nextgen-gallery.yaml b/http/technologies/wordpress/plugins/nextgen-gallery.yaml index 131fca910bd..fcd6f5cd3ac 100644 --- a/http/technologies/wordpress/plugins/nextgen-gallery.yaml +++ b/http/technologies/wordpress/plugins/nextgen-gallery.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/nextgen-gallery/ metadata: - plugin_namespace: nextgen-gallery - wpscan: https://wpscan.com/plugin/nextgen-gallery + plugin_namespace: "nextgen-gallery" + wpscan: "https://wpscan.com/plugin/nextgen-gallery" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/ninja-forms.yaml b/http/technologies/wordpress/plugins/ninja-forms.yaml index 4d2f73e3072..45181827d4f 100644 --- a/http/technologies/wordpress/plugins/ninja-forms.yaml +++ b/http/technologies/wordpress/plugins/ninja-forms.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/ninja-forms/ metadata: - plugin_namespace: ninja-forms - wpscan: https://wpscan.com/plugin/ninja-forms + plugin_namespace: "ninja-forms" + wpscan: "https://wpscan.com/plugin/ninja-forms" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/ocean-extra.yaml b/http/technologies/wordpress/plugins/ocean-extra.yaml index 76d4955d925..523e1975752 100644 --- a/http/technologies/wordpress/plugins/ocean-extra.yaml +++ b/http/technologies/wordpress/plugins/ocean-extra.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/ocean-extra/ metadata: - plugin_namespace: ocean-extra - wpscan: https://wpscan.com/plugin/ocean-extra + plugin_namespace: "ocean-extra" + wpscan: "https://wpscan.com/plugin/ocean-extra" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/official-facebook-pixel.yaml b/http/technologies/wordpress/plugins/official-facebook-pixel.yaml index 6186454b20f..82d3074c3b1 100644 --- a/http/technologies/wordpress/plugins/official-facebook-pixel.yaml +++ b/http/technologies/wordpress/plugins/official-facebook-pixel.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/official-facebook-pixel/ metadata: - plugin_namespace: official-facebook-pixel - wpscan: https://wpscan.com/plugin/official-facebook-pixel + max-request: 1 + plugin_namespace: "official-facebook-pixel" + wpscan: "https://wpscan.com/plugin/official-facebook-pixel" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/one-click-demo-import.yaml b/http/technologies/wordpress/plugins/one-click-demo-import.yaml index fb16284755a..4f5b50592aa 100644 --- a/http/technologies/wordpress/plugins/one-click-demo-import.yaml +++ b/http/technologies/wordpress/plugins/one-click-demo-import.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/one-click-demo-import/ metadata: - plugin_namespace: one-click-demo-import - wpscan: https://wpscan.com/plugin/one-click-demo-import + plugin_namespace: "one-click-demo-import" + wpscan: "https://wpscan.com/plugin/one-click-demo-import" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/optinmonster.yaml b/http/technologies/wordpress/plugins/optinmonster.yaml index c7c93a0c1a2..213e9393c40 100644 --- a/http/technologies/wordpress/plugins/optinmonster.yaml +++ b/http/technologies/wordpress/plugins/optinmonster.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/optinmonster/ metadata: plugin_namespace: optinmonster - wpscan: https://wpscan.com/plugin/optinmonster + wpscan: "https://wpscan.com/plugin/optinmonster" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/otter-blocks.yaml b/http/technologies/wordpress/plugins/otter-blocks.yaml index d930112ad1c..a183a95ed67 100644 --- a/http/technologies/wordpress/plugins/otter-blocks.yaml +++ b/http/technologies/wordpress/plugins/otter-blocks.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/otter-blocks/ metadata: - plugin_namespace: otter-blocks - wpscan: https://wpscan.com/plugin/otter-blocks + plugin_namespace: "otter-blocks" + wpscan: "https://wpscan.com/plugin/otter-blocks" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/password-protected.yaml b/http/technologies/wordpress/plugins/password-protected.yaml index 600036376ea..4598cc7019e 100644 --- a/http/technologies/wordpress/plugins/password-protected.yaml +++ b/http/technologies/wordpress/plugins/password-protected.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/password-protected/ metadata: - plugin_namespace: password-protected - wpscan: https://wpscan.com/plugin/password-protected + plugin_namespace: "password-protected" + wpscan: "https://wpscan.com/plugin/password-protected" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/pdf-embedder.yaml b/http/technologies/wordpress/plugins/pdf-embedder.yaml index e47518464aa..9f356700b62 100644 --- a/http/technologies/wordpress/plugins/pdf-embedder.yaml +++ b/http/technologies/wordpress/plugins/pdf-embedder.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/pdf-embedder/ metadata: - plugin_namespace: pdf-embedder - wpscan: https://wpscan.com/plugin/pdf-embedder + plugin_namespace: "pdf-embedder" + wpscan: "https://wpscan.com/plugin/pdf-embedder" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/pinterest-for-woocommerce.yaml b/http/technologies/wordpress/plugins/pinterest-for-woocommerce.yaml index 3b677e8eb9a..82780fdfdf2 100644 --- a/http/technologies/wordpress/plugins/pinterest-for-woocommerce.yaml +++ b/http/technologies/wordpress/plugins/pinterest-for-woocommerce.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/pinterest-for-woocommerce/ metadata: - plugin_namespace: pinterest-for-woocommerce - wpscan: https://wpscan.com/plugin/pinterest-for-woocommerce + plugin_namespace: "pinterest-for-woocommerce" + wpscan: "https://wpscan.com/plugin/pinterest-for-woocommerce" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/pixelyoursite.yaml b/http/technologies/wordpress/plugins/pixelyoursite.yaml index e07d7b628fa..f7c1f07eed0 100644 --- a/http/technologies/wordpress/plugins/pixelyoursite.yaml +++ b/http/technologies/wordpress/plugins/pixelyoursite.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/pixelyoursite/ metadata: plugin_namespace: pixelyoursite - wpscan: https://wpscan.com/plugin/pixelyoursite + wpscan: "https://wpscan.com/plugin/pixelyoursite" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/polylang.yaml b/http/technologies/wordpress/plugins/polylang.yaml index df3463408d2..06abe45a94d 100644 --- a/http/technologies/wordpress/plugins/polylang.yaml +++ b/http/technologies/wordpress/plugins/polylang.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/polylang/ metadata: plugin_namespace: polylang - wpscan: https://wpscan.com/plugin/polylang + wpscan: "https://wpscan.com/plugin/polylang" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/popup-maker.yaml b/http/technologies/wordpress/plugins/popup-maker.yaml index 89f2531fd38..cad41a11079 100644 --- a/http/technologies/wordpress/plugins/popup-maker.yaml +++ b/http/technologies/wordpress/plugins/popup-maker.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/popup-maker/ metadata: - plugin_namespace: popup-maker - wpscan: https://wpscan.com/plugin/popup-maker + max-request: 1 + plugin_namespace: "popup-maker" + wpscan: "https://wpscan.com/plugin/popup-maker" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/post-smtp.yaml b/http/technologies/wordpress/plugins/post-smtp.yaml index 1c500b4fb9b..8bd2bd8f5ab 100644 --- a/http/technologies/wordpress/plugins/post-smtp.yaml +++ b/http/technologies/wordpress/plugins/post-smtp.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/post-smtp/ metadata: - plugin_namespace: post-smtp - wpscan: https://wpscan.com/plugin/post-smtp + plugin_namespace: "post-smtp" + wpscan: "https://wpscan.com/plugin/post-smtp" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/post-types-order.yaml b/http/technologies/wordpress/plugins/post-types-order.yaml index 32a2ec39654..868480d1e44 100644 --- a/http/technologies/wordpress/plugins/post-types-order.yaml +++ b/http/technologies/wordpress/plugins/post-types-order.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/post-types-order/ metadata: - plugin_namespace: post-types-order - wpscan: https://wpscan.com/plugin/post-types-order + max-request: 1 + plugin_namespace: "post-types-order" + wpscan: "https://wpscan.com/plugin/post-types-order" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/premium-addons-for-elementor.yaml b/http/technologies/wordpress/plugins/premium-addons-for-elementor.yaml index cfa92abe763..cdad923afc6 100644 --- a/http/technologies/wordpress/plugins/premium-addons-for-elementor.yaml +++ b/http/technologies/wordpress/plugins/premium-addons-for-elementor.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/premium-addons-for-elementor/ metadata: - plugin_namespace: premium-addons-for-elementor - wpscan: https://wpscan.com/plugin/premium-addons-for-elementor + max-request: 1 + plugin_namespace: "premium-addons-for-elementor" + wpscan: "https://wpscan.com/plugin/premium-addons-for-elementor" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/pretty-link.yaml b/http/technologies/wordpress/plugins/pretty-link.yaml index 1068ce7d638..da90e06c237 100644 --- a/http/technologies/wordpress/plugins/pretty-link.yaml +++ b/http/technologies/wordpress/plugins/pretty-link.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/pretty-link/ metadata: - plugin_namespace: pretty-link - wpscan: https://wpscan.com/plugin/pretty-link + plugin_namespace: "pretty-link" + wpscan: "https://wpscan.com/plugin/pretty-link" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/really-simple-captcha.yaml b/http/technologies/wordpress/plugins/really-simple-captcha.yaml index af0d8c62706..6ea6449882a 100644 --- a/http/technologies/wordpress/plugins/really-simple-captcha.yaml +++ b/http/technologies/wordpress/plugins/really-simple-captcha.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/really-simple-captcha/ metadata: - plugin_namespace: really-simple-captcha - wpscan: https://wpscan.com/plugin/really-simple-captcha + plugin_namespace: "really-simple-captcha" + wpscan: "https://wpscan.com/plugin/really-simple-captcha" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/really-simple-ssl.yaml b/http/technologies/wordpress/plugins/really-simple-ssl.yaml index 7a89c7a2ec1..069d7a9a573 100644 --- a/http/technologies/wordpress/plugins/really-simple-ssl.yaml +++ b/http/technologies/wordpress/plugins/really-simple-ssl.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/really-simple-ssl/ metadata: - plugin_namespace: really-simple-ssl - wpscan: https://wpscan.com/plugin/really-simple-ssl + plugin_namespace: "really-simple-ssl" + wpscan: "https://wpscan.com/plugin/really-simple-ssl" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/redirection.yaml b/http/technologies/wordpress/plugins/redirection.yaml index 6ef96833086..a1c4ee9b24c 100644 --- a/http/technologies/wordpress/plugins/redirection.yaml +++ b/http/technologies/wordpress/plugins/redirection.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/redirection/ metadata: plugin_namespace: redirection - wpscan: https://wpscan.com/plugin/redirection + wpscan: "https://wpscan.com/plugin/redirection" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/redux-framework.yaml b/http/technologies/wordpress/plugins/redux-framework.yaml index d86859b55c6..fa54ec392cc 100644 --- a/http/technologies/wordpress/plugins/redux-framework.yaml +++ b/http/technologies/wordpress/plugins/redux-framework.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/redux-framework/ metadata: - plugin_namespace: redux-framework - wpscan: https://wpscan.com/plugin/redux-framework + plugin_namespace: "redux-framework" + wpscan: "https://wpscan.com/plugin/redux-framework" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/regenerate-thumbnails.yaml b/http/technologies/wordpress/plugins/regenerate-thumbnails.yaml index 224487cc23a..2a4e0719e92 100644 --- a/http/technologies/wordpress/plugins/regenerate-thumbnails.yaml +++ b/http/technologies/wordpress/plugins/regenerate-thumbnails.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/regenerate-thumbnails/ metadata: - plugin_namespace: regenerate-thumbnails - wpscan: https://wpscan.com/plugin/regenerate-thumbnails + max-request: 1 + plugin_namespace: "regenerate-thumbnails" + wpscan: "https://wpscan.com/plugin/regenerate-thumbnails" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/royal-elementor-addons.yaml b/http/technologies/wordpress/plugins/royal-elementor-addons.yaml index 8cd61228470..b62156b1eb7 100644 --- a/http/technologies/wordpress/plugins/royal-elementor-addons.yaml +++ b/http/technologies/wordpress/plugins/royal-elementor-addons.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/royal-elementor-addons/ metadata: - plugin_namespace: royal-elementor-addons - wpscan: https://wpscan.com/plugin/royal-elementor-addons + plugin_namespace: "royal-elementor-addons" + wpscan: "https://wpscan.com/plugin/royal-elementor-addons" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/safe-svg.yaml b/http/technologies/wordpress/plugins/safe-svg.yaml index 778e35af741..c0be4df2982 100644 --- a/http/technologies/wordpress/plugins/safe-svg.yaml +++ b/http/technologies/wordpress/plugins/safe-svg.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/safe-svg/ metadata: - plugin_namespace: safe-svg - wpscan: https://wpscan.com/plugin/safe-svg + plugin_namespace: "safe-svg" + wpscan: "https://wpscan.com/plugin/safe-svg" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/seo-by-rank-math.yaml b/http/technologies/wordpress/plugins/seo-by-rank-math.yaml index 1ab0ed20cad..5140f9ba5ca 100644 --- a/http/technologies/wordpress/plugins/seo-by-rank-math.yaml +++ b/http/technologies/wordpress/plugins/seo-by-rank-math.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/seo-by-rank-math/ metadata: - plugin_namespace: seo-by-rank-math - wpscan: https://wpscan.com/plugin/seo-by-rank-math + wpscan: "https://wpscan.com/plugin/seo-by-rank-math" + max-request: 1 + plugin_namespace: "seo-by-rank-math" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/sg-cachepress.yaml b/http/technologies/wordpress/plugins/sg-cachepress.yaml index b6d61da8605..d446dc6a343 100644 --- a/http/technologies/wordpress/plugins/sg-cachepress.yaml +++ b/http/technologies/wordpress/plugins/sg-cachepress.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/sg-cachepress/ metadata: - plugin_namespace: sg-cachepress - wpscan: https://wpscan.com/plugin/sg-cachepress + max-request: 1 + plugin_namespace: "sg-cachepress" + wpscan: "https://wpscan.com/plugin/sg-cachepress" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/sg-security.yaml b/http/technologies/wordpress/plugins/sg-security.yaml index be917c4b60d..ba01e572615 100644 --- a/http/technologies/wordpress/plugins/sg-security.yaml +++ b/http/technologies/wordpress/plugins/sg-security.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/sg-security/ metadata: - plugin_namespace: sg-security - wpscan: https://wpscan.com/plugin/sg-security + plugin_namespace: "sg-security" + wpscan: "https://wpscan.com/plugin/sg-security" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/shortcodes-ultimate.yaml b/http/technologies/wordpress/plugins/shortcodes-ultimate.yaml index 288de3107b9..b5d7cba73e4 100644 --- a/http/technologies/wordpress/plugins/shortcodes-ultimate.yaml +++ b/http/technologies/wordpress/plugins/shortcodes-ultimate.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/shortcodes-ultimate/ metadata: - plugin_namespace: shortcodes-ultimate - wpscan: https://wpscan.com/plugin/shortcodes-ultimate + max-request: 1 + plugin_namespace: "shortcodes-ultimate" + wpscan: "https://wpscan.com/plugin/shortcodes-ultimate" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml b/http/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml index 9e3294842cd..1562b86b33b 100644 --- a/http/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml +++ b/http/technologies/wordpress/plugins/shortpixel-image-optimiser.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/shortpixel-image-optimiser/ metadata: - plugin_namespace: shortpixel-image-optimiser - wpscan: https://wpscan.com/plugin/shortpixel-image-optimiser + plugin_namespace: "shortpixel-image-optimiser" + wpscan: "https://wpscan.com/plugin/shortpixel-image-optimiser" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/simple-custom-post-order.yaml b/http/technologies/wordpress/plugins/simple-custom-post-order.yaml index e00c02bd566..9a03f3532bf 100644 --- a/http/technologies/wordpress/plugins/simple-custom-post-order.yaml +++ b/http/technologies/wordpress/plugins/simple-custom-post-order.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/simple-custom-post-order/ metadata: - plugin_namespace: simple-custom-post-order - wpscan: https://wpscan.com/plugin/simple-custom-post-order + plugin_namespace: "simple-custom-post-order" + wpscan: "https://wpscan.com/plugin/simple-custom-post-order" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/simple-history.yaml b/http/technologies/wordpress/plugins/simple-history.yaml index 11f57111a32..7e67c2b4a30 100644 --- a/http/technologies/wordpress/plugins/simple-history.yaml +++ b/http/technologies/wordpress/plugins/simple-history.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/simple-history/ metadata: - plugin_namespace: simple-history - wpscan: https://wpscan.com/plugin/simple-history + plugin_namespace: "simple-history" + wpscan: "https://wpscan.com/plugin/simple-history" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/siteguard.yaml b/http/technologies/wordpress/plugins/siteguard.yaml index 48b18513deb..5a1e0675614 100644 --- a/http/technologies/wordpress/plugins/siteguard.yaml +++ b/http/technologies/wordpress/plugins/siteguard.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/siteguard/ metadata: plugin_namespace: siteguard - wpscan: https://wpscan.com/plugin/siteguard + wpscan: "https://wpscan.com/plugin/siteguard" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/siteorigin-panels.yaml b/http/technologies/wordpress/plugins/siteorigin-panels.yaml index e9f67568e36..5ea66ed0aaf 100644 --- a/http/technologies/wordpress/plugins/siteorigin-panels.yaml +++ b/http/technologies/wordpress/plugins/siteorigin-panels.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/siteorigin-panels/ metadata: - plugin_namespace: siteorigin-panels - wpscan: https://wpscan.com/plugin/siteorigin-panels + plugin_namespace: "siteorigin-panels" + wpscan: "https://wpscan.com/plugin/siteorigin-panels" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/smart-slider-3.yaml b/http/technologies/wordpress/plugins/smart-slider-3.yaml index 31be6bbe125..b4e3a49eaad 100644 --- a/http/technologies/wordpress/plugins/smart-slider-3.yaml +++ b/http/technologies/wordpress/plugins/smart-slider-3.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/smart-slider-3/ metadata: - plugin_namespace: smart-slider-3 - wpscan: https://wpscan.com/plugin/smart-slider-3 + plugin_namespace: "smart-slider-3" + wpscan: "https://wpscan.com/plugin/smart-slider-3" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/so-widgets-bundle.yaml b/http/technologies/wordpress/plugins/so-widgets-bundle.yaml index 47730616b42..8761fb5b699 100644 --- a/http/technologies/wordpress/plugins/so-widgets-bundle.yaml +++ b/http/technologies/wordpress/plugins/so-widgets-bundle.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/so-widgets-bundle/ metadata: - plugin_namespace: so-widgets-bundle - wpscan: https://wpscan.com/plugin/so-widgets-bundle + max-request: 1 + plugin_namespace: "so-widgets-bundle" + wpscan: "https://wpscan.com/plugin/so-widgets-bundle" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/sticky-header-effects-for-elementor.yaml b/http/technologies/wordpress/plugins/sticky-header-effects-for-elementor.yaml index d92e25be16b..7f10f628f64 100644 --- a/http/technologies/wordpress/plugins/sticky-header-effects-for-elementor.yaml +++ b/http/technologies/wordpress/plugins/sticky-header-effects-for-elementor.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/sticky-header-effects-for-elementor/ metadata: - plugin_namespace: sticky-header-effects-for-elementor - wpscan: https://wpscan.com/plugin/sticky-header-effects-for-elementor + plugin_namespace: "sticky-header-effects-for-elementor" + wpscan: "https://wpscan.com/plugin/sticky-header-effects-for-elementor" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml b/http/technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml index 01cf3b8a706..b548d26a90c 100644 --- a/http/technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml +++ b/http/technologies/wordpress/plugins/stops-core-theme-and-plugin-updates.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/stops-core-theme-and-plugin-updates/ metadata: - plugin_namespace: stops-core-theme-and-plugin-updates - wpscan: https://wpscan.com/plugin/stops-core-theme-and-plugin-updates + plugin_namespace: "stops-core-theme-and-plugin-updates" + wpscan: "https://wpscan.com/plugin/stops-core-theme-and-plugin-updates" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/sucuri-scanner.yaml b/http/technologies/wordpress/plugins/sucuri-scanner.yaml index 4ce06a209f6..3a183d8d04c 100644 --- a/http/technologies/wordpress/plugins/sucuri-scanner.yaml +++ b/http/technologies/wordpress/plugins/sucuri-scanner.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/sucuri-scanner/ metadata: - plugin_namespace: sucuri-scanner - wpscan: https://wpscan.com/plugin/sucuri-scanner + plugin_namespace: "sucuri-scanner" + wpscan: "https://wpscan.com/plugin/sucuri-scanner" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/svg-support.yaml b/http/technologies/wordpress/plugins/svg-support.yaml index fd157c60d7a..bdf81cdf81f 100644 --- a/http/technologies/wordpress/plugins/svg-support.yaml +++ b/http/technologies/wordpress/plugins/svg-support.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/svg-support/ metadata: - plugin_namespace: svg-support - wpscan: https://wpscan.com/plugin/svg-support + wpscan: "https://wpscan.com/plugin/svg-support" + max-request: 1 + plugin_namespace: "svg-support" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/table-of-contents-plus.yaml b/http/technologies/wordpress/plugins/table-of-contents-plus.yaml index ad6b3597712..c4ec9f97815 100644 --- a/http/technologies/wordpress/plugins/table-of-contents-plus.yaml +++ b/http/technologies/wordpress/plugins/table-of-contents-plus.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/table-of-contents-plus/ metadata: - plugin_namespace: table-of-contents-plus - wpscan: https://wpscan.com/plugin/table-of-contents-plus + plugin_namespace: "table-of-contents-plus" + wpscan: "https://wpscan.com/plugin/table-of-contents-plus" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/tablepress.yaml b/http/technologies/wordpress/plugins/tablepress.yaml index 221c90388d4..69aea2f20bb 100644 --- a/http/technologies/wordpress/plugins/tablepress.yaml +++ b/http/technologies/wordpress/plugins/tablepress.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/tablepress/ metadata: plugin_namespace: tablepress - wpscan: https://wpscan.com/plugin/tablepress + wpscan: "https://wpscan.com/plugin/tablepress" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/taxonomy-terms-order.yaml b/http/technologies/wordpress/plugins/taxonomy-terms-order.yaml index 47f1dfe6a2e..6b5e17749b2 100644 --- a/http/technologies/wordpress/plugins/taxonomy-terms-order.yaml +++ b/http/technologies/wordpress/plugins/taxonomy-terms-order.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/taxonomy-terms-order/ metadata: - plugin_namespace: taxonomy-terms-order - wpscan: https://wpscan.com/plugin/taxonomy-terms-order + plugin_namespace: "taxonomy-terms-order" + wpscan: "https://wpscan.com/plugin/taxonomy-terms-order" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/templately.yaml b/http/technologies/wordpress/plugins/templately.yaml index ecd45d3254a..e7ddf910471 100644 --- a/http/technologies/wordpress/plugins/templately.yaml +++ b/http/technologies/wordpress/plugins/templately.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/templately/ metadata: + max-request: 1 plugin_namespace: templately - wpscan: https://wpscan.com/plugin/templately + wpscan: "https://wpscan.com/plugin/templately" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/the-events-calendar.yaml b/http/technologies/wordpress/plugins/the-events-calendar.yaml index 71fe0b5ee2e..b1f90a92edf 100644 --- a/http/technologies/wordpress/plugins/the-events-calendar.yaml +++ b/http/technologies/wordpress/plugins/the-events-calendar.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/the-events-calendar/ metadata: - plugin_namespace: the-events-calendar - wpscan: https://wpscan.com/plugin/the-events-calendar + max-request: 1 + plugin_namespace: "the-events-calendar" + wpscan: "https://wpscan.com/plugin/the-events-calendar" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/tinymce-advanced.yaml b/http/technologies/wordpress/plugins/tinymce-advanced.yaml index 074c474e5ca..4f09a0fd122 100644 --- a/http/technologies/wordpress/plugins/tinymce-advanced.yaml +++ b/http/technologies/wordpress/plugins/tinymce-advanced.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/tinymce-advanced/ metadata: - plugin_namespace: tinymce-advanced - wpscan: https://wpscan.com/plugin/tinymce-advanced + plugin_namespace: "tinymce-advanced" + wpscan: "https://wpscan.com/plugin/tinymce-advanced" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/translatepress-multilingual.yaml b/http/technologies/wordpress/plugins/translatepress-multilingual.yaml index 4b67100a5ca..054165c3ed2 100644 --- a/http/technologies/wordpress/plugins/translatepress-multilingual.yaml +++ b/http/technologies/wordpress/plugins/translatepress-multilingual.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/translatepress-multilingual/ metadata: - plugin_namespace: translatepress-multilingual - wpscan: https://wpscan.com/plugin/translatepress-multilingual + plugin_namespace: "translatepress-multilingual" + wpscan: "https://wpscan.com/plugin/translatepress-multilingual" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml b/http/technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml index 69eea33b502..413cca0956a 100644 --- a/http/technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml +++ b/http/technologies/wordpress/plugins/ultimate-addons-for-gutenberg.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/ultimate-addons-for-gutenberg/ metadata: - plugin_namespace: ultimate-addons-for-gutenberg - wpscan: https://wpscan.com/plugin/ultimate-addons-for-gutenberg + plugin_namespace: "ultimate-addons-for-gutenberg" + wpscan: "https://wpscan.com/plugin/ultimate-addons-for-gutenberg" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/under-construction-page.yaml b/http/technologies/wordpress/plugins/under-construction-page.yaml index b1ad2e597ee..8f0bf288cb1 100644 --- a/http/technologies/wordpress/plugins/under-construction-page.yaml +++ b/http/technologies/wordpress/plugins/under-construction-page.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/under-construction-page/ metadata: - plugin_namespace: under-construction-page - wpscan: https://wpscan.com/plugin/under-construction-page + wpscan: "https://wpscan.com/plugin/under-construction-page" + max-request: 1 + plugin_namespace: "under-construction-page" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/updraftplus.yaml b/http/technologies/wordpress/plugins/updraftplus.yaml index bc14d799ee2..49da9fcc20a 100644 --- a/http/technologies/wordpress/plugins/updraftplus.yaml +++ b/http/technologies/wordpress/plugins/updraftplus.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/updraftplus/ metadata: plugin_namespace: updraftplus - wpscan: https://wpscan.com/plugin/updraftplus + wpscan: "https://wpscan.com/plugin/updraftplus" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/user-role-editor.yaml b/http/technologies/wordpress/plugins/user-role-editor.yaml index bc7e64139de..f713fb38a47 100644 --- a/http/technologies/wordpress/plugins/user-role-editor.yaml +++ b/http/technologies/wordpress/plugins/user-role-editor.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/user-role-editor/ metadata: - plugin_namespace: user-role-editor - wpscan: https://wpscan.com/plugin/user-role-editor + plugin_namespace: "user-role-editor" + wpscan: "https://wpscan.com/plugin/user-role-editor" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/w3-total-cache.yaml b/http/technologies/wordpress/plugins/w3-total-cache.yaml index f609be4fe61..8c55dc6c214 100644 --- a/http/technologies/wordpress/plugins/w3-total-cache.yaml +++ b/http/technologies/wordpress/plugins/w3-total-cache.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/w3-total-cache/ metadata: - plugin_namespace: w3-total-cache - wpscan: https://wpscan.com/plugin/w3-total-cache + wpscan: "https://wpscan.com/plugin/w3-total-cache" + max-request: 1 + plugin_namespace: "w3-total-cache" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/webp-converter-for-media.yaml b/http/technologies/wordpress/plugins/webp-converter-for-media.yaml index 06629242d85..74cc5f8b3d7 100644 --- a/http/technologies/wordpress/plugins/webp-converter-for-media.yaml +++ b/http/technologies/wordpress/plugins/webp-converter-for-media.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/webp-converter-for-media/ metadata: - plugin_namespace: webp-converter-for-media - wpscan: https://wpscan.com/plugin/webp-converter-for-media + plugin_namespace: "webp-converter-for-media" + wpscan: "https://wpscan.com/plugin/webp-converter-for-media" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/webp-express.yaml b/http/technologies/wordpress/plugins/webp-express.yaml index 7e8c5984a41..d6b58a2afaf 100644 --- a/http/technologies/wordpress/plugins/webp-express.yaml +++ b/http/technologies/wordpress/plugins/webp-express.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/webp-express/ metadata: - plugin_namespace: webp-express - wpscan: https://wpscan.com/plugin/webp-express + plugin_namespace: "webp-express" + wpscan: "https://wpscan.com/plugin/webp-express" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/widget-importer-exporter.yaml b/http/technologies/wordpress/plugins/widget-importer-exporter.yaml index 2a3e6c1975b..dc7bbc7f488 100644 --- a/http/technologies/wordpress/plugins/widget-importer-exporter.yaml +++ b/http/technologies/wordpress/plugins/widget-importer-exporter.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/widget-importer-exporter/ metadata: - plugin_namespace: widget-importer-exporter - wpscan: https://wpscan.com/plugin/widget-importer-exporter + max-request: 1 + plugin_namespace: "widget-importer-exporter" + wpscan: "https://wpscan.com/plugin/widget-importer-exporter" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml b/http/technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml index ea8ddff7abb..6c916cf811c 100644 --- a/http/technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml +++ b/http/technologies/wordpress/plugins/woo-cart-abandonment-recovery.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woo-cart-abandonment-recovery/ metadata: - plugin_namespace: woo-cart-abandonment-recovery - wpscan: https://wpscan.com/plugin/woo-cart-abandonment-recovery + plugin_namespace: "woo-cart-abandonment-recovery" + wpscan: "https://wpscan.com/plugin/woo-cart-abandonment-recovery" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml b/http/technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml index fbc91e3a6dc..afa22ff7d44 100644 --- a/http/technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml +++ b/http/technologies/wordpress/plugins/woo-checkout-field-editor-pro.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woo-checkout-field-editor-pro/ metadata: - plugin_namespace: woo-checkout-field-editor-pro - wpscan: https://wpscan.com/plugin/woo-checkout-field-editor-pro + plugin_namespace: "woo-checkout-field-editor-pro" + wpscan: "https://wpscan.com/plugin/woo-checkout-field-editor-pro" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/woo-inpost.yaml b/http/technologies/wordpress/plugins/woo-inpost.yaml index 45e8fe8828b..3254c2c3bf4 100644 --- a/http/technologies/wordpress/plugins/woo-inpost.yaml +++ b/http/technologies/wordpress/plugins/woo-inpost.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woo-inpost/ metadata: - plugin_namespace: woo-inpost - wpscan: https://wpscan.com/plugin/woo-inpost + max-request: 1 + plugin_namespace: "woo-inpost" + wpscan: "https://wpscan.com/plugin/woo-inpost" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/woo-variation-swatches.yaml b/http/technologies/wordpress/plugins/woo-variation-swatches.yaml index f0bf3d384b8..52bcb1c11e3 100644 --- a/http/technologies/wordpress/plugins/woo-variation-swatches.yaml +++ b/http/technologies/wordpress/plugins/woo-variation-swatches.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woo-variation-swatches/ metadata: - plugin_namespace: woo-variation-swatches - wpscan: https://wpscan.com/plugin/woo-variation-swatches + max-request: 1 + plugin_namespace: "woo-variation-swatches" + wpscan: "https://wpscan.com/plugin/woo-variation-swatches" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml b/http/technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml index 2b553bc5aa0..8fb11b1532c 100644 --- a/http/technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml +++ b/http/technologies/wordpress/plugins/woocommerce-gateway-stripe.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woocommerce-gateway-stripe/ metadata: - plugin_namespace: woocommerce-gateway-stripe - wpscan: https://wpscan.com/plugin/woocommerce-gateway-stripe + wpscan: "https://wpscan.com/plugin/woocommerce-gateway-stripe" + max-request: 1 + plugin_namespace: "woocommerce-gateway-stripe" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/woocommerce-legacy-rest-api.yaml b/http/technologies/wordpress/plugins/woocommerce-legacy-rest-api.yaml index 034745a76ec..624f5df27dc 100644 --- a/http/technologies/wordpress/plugins/woocommerce-legacy-rest-api.yaml +++ b/http/technologies/wordpress/plugins/woocommerce-legacy-rest-api.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woocommerce-legacy-rest-api/ metadata: - plugin_namespace: woocommerce-legacy-rest-api - wpscan: https://wpscan.com/plugin/woocommerce-legacy-rest-api + plugin_namespace: "woocommerce-legacy-rest-api" + wpscan: "https://wpscan.com/plugin/woocommerce-legacy-rest-api" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/woocommerce-payments.yaml b/http/technologies/wordpress/plugins/woocommerce-payments.yaml index 77e903d8550..0523ed91f5c 100644 --- a/http/technologies/wordpress/plugins/woocommerce-payments.yaml +++ b/http/technologies/wordpress/plugins/woocommerce-payments.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woocommerce-payments/ metadata: - plugin_namespace: woocommerce-payments - wpscan: https://wpscan.com/plugin/woocommerce-payments + plugin_namespace: "woocommerce-payments" + wpscan: "https://wpscan.com/plugin/woocommerce-payments" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/woocommerce-paypal-payments.yaml b/http/technologies/wordpress/plugins/woocommerce-paypal-payments.yaml index fd8087b3274..e914eb7e93a 100644 --- a/http/technologies/wordpress/plugins/woocommerce-paypal-payments.yaml +++ b/http/technologies/wordpress/plugins/woocommerce-paypal-payments.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woocommerce-paypal-payments/ metadata: - plugin_namespace: woocommerce-paypal-payments - wpscan: https://wpscan.com/plugin/woocommerce-paypal-payments + plugin_namespace: "woocommerce-paypal-payments" + wpscan: "https://wpscan.com/plugin/woocommerce-paypal-payments" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml b/http/technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml index 63f2ec08b91..3468035396a 100644 --- a/http/technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml +++ b/http/technologies/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woocommerce-pdf-invoices-packing-slips/ metadata: - plugin_namespace: woocommerce-pdf-invoices-packing-slips - wpscan: https://wpscan.com/plugin/woocommerce-pdf-invoices-packing-slips + plugin_namespace: "woocommerce-pdf-invoices-packing-slips" + wpscan: "https://wpscan.com/plugin/woocommerce-pdf-invoices-packing-slips" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/woocommerce-services.yaml b/http/technologies/wordpress/plugins/woocommerce-services.yaml index 323b226e7e4..2a4907b3745 100644 --- a/http/technologies/wordpress/plugins/woocommerce-services.yaml +++ b/http/technologies/wordpress/plugins/woocommerce-services.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woocommerce-services/ metadata: - plugin_namespace: woocommerce-services - wpscan: https://wpscan.com/plugin/woocommerce-services + plugin_namespace: "woocommerce-services" + wpscan: "https://wpscan.com/plugin/woocommerce-services" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/woocommerce.yaml b/http/technologies/wordpress/plugins/woocommerce.yaml index 3443e061340..74868b82126 100644 --- a/http/technologies/wordpress/plugins/woocommerce.yaml +++ b/http/technologies/wordpress/plugins/woocommerce.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/woocommerce/ metadata: + max-request: 1 plugin_namespace: woocommerce - wpscan: https://wpscan.com/plugin/woocommerce + wpscan: "https://wpscan.com/plugin/woocommerce" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wordfence.yaml b/http/technologies/wordpress/plugins/wordfence.yaml index a9d5c6215dd..f2b0c3077c2 100644 --- a/http/technologies/wordpress/plugins/wordfence.yaml +++ b/http/technologies/wordpress/plugins/wordfence.yaml @@ -8,7 +8,8 @@ info: - https://wordpress.org/plugins/wordfence/ metadata: plugin_namespace: wordfence - wpscan: https://wpscan.com/plugin/wordfence + wpscan: "https://wpscan.com/plugin/wordfence" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wordpress-importer.yaml b/http/technologies/wordpress/plugins/wordpress-importer.yaml index cedad977ee6..8137870ed6f 100644 --- a/http/technologies/wordpress/plugins/wordpress-importer.yaml +++ b/http/technologies/wordpress/plugins/wordpress-importer.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wordpress-importer/ metadata: - plugin_namespace: wordpress-importer - wpscan: https://wpscan.com/plugin/wordpress-importer + plugin_namespace: "wordpress-importer" + wpscan: "https://wpscan.com/plugin/wordpress-importer" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wordpress-seo.yaml b/http/technologies/wordpress/plugins/wordpress-seo.yaml index 05b1256ea74..2719058a35b 100644 --- a/http/technologies/wordpress/plugins/wordpress-seo.yaml +++ b/http/technologies/wordpress/plugins/wordpress-seo.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wordpress-seo/ metadata: - plugin_namespace: wordpress-seo - wpscan: https://wpscan.com/plugin/wordpress-seo + plugin_namespace: "wordpress-seo" + wpscan: "https://wpscan.com/plugin/wordpress-seo" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/worker.yaml b/http/technologies/wordpress/plugins/worker.yaml index 60bdf76ffb8..d0447299cc0 100644 --- a/http/technologies/wordpress/plugins/worker.yaml +++ b/http/technologies/wordpress/plugins/worker.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/worker/ metadata: + wpscan: "https://wpscan.com/plugin/worker" + max-request: 1 plugin_namespace: worker - wpscan: https://wpscan.com/plugin/worker tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-crontrol.yaml b/http/technologies/wordpress/plugins/wp-crontrol.yaml index eaa2b7cfd2e..03269e947dc 100644 --- a/http/technologies/wordpress/plugins/wp-crontrol.yaml +++ b/http/technologies/wordpress/plugins/wp-crontrol.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-crontrol/ metadata: - plugin_namespace: wp-crontrol - wpscan: https://wpscan.com/plugin/wp-crontrol + wpscan: "https://wpscan.com/plugin/wp-crontrol" + max-request: 1 + plugin_namespace: "wp-crontrol" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-fastest-cache.yaml b/http/technologies/wordpress/plugins/wp-fastest-cache.yaml index d12f2e51d69..21477decea2 100644 --- a/http/technologies/wordpress/plugins/wp-fastest-cache.yaml +++ b/http/technologies/wordpress/plugins/wp-fastest-cache.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-fastest-cache/ metadata: - plugin_namespace: wp-fastest-cache - wpscan: https://wpscan.com/plugin/wp-fastest-cache + wpscan: "https://wpscan.com/plugin/wp-fastest-cache" + max-request: 1 + plugin_namespace: "wp-fastest-cache" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-file-manager.yaml b/http/technologies/wordpress/plugins/wp-file-manager.yaml index aec70bb1b52..cd903caa5f0 100644 --- a/http/technologies/wordpress/plugins/wp-file-manager.yaml +++ b/http/technologies/wordpress/plugins/wp-file-manager.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-file-manager/ metadata: - plugin_namespace: wp-file-manager - wpscan: https://wpscan.com/plugin/wp-file-manager + wpscan: "https://wpscan.com/plugin/wp-file-manager" + max-request: 1 + plugin_namespace: "wp-file-manager" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-google-maps.yaml b/http/technologies/wordpress/plugins/wp-google-maps.yaml index 85eb37aa6cc..9afe74ee083 100644 --- a/http/technologies/wordpress/plugins/wp-google-maps.yaml +++ b/http/technologies/wordpress/plugins/wp-google-maps.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-google-maps/ metadata: - plugin_namespace: wp-google-maps - wpscan: https://wpscan.com/plugin/wp-google-maps + plugin_namespace: "wp-google-maps" + wpscan: "https://wpscan.com/plugin/wp-google-maps" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-mail-logging.yaml b/http/technologies/wordpress/plugins/wp-mail-logging.yaml index 3109c15e488..b0b9c5a5dc3 100644 --- a/http/technologies/wordpress/plugins/wp-mail-logging.yaml +++ b/http/technologies/wordpress/plugins/wp-mail-logging.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-mail-logging/ metadata: - plugin_namespace: wp-mail-logging - wpscan: https://wpscan.com/plugin/wp-mail-logging + plugin_namespace: "wp-mail-logging" + wpscan: "https://wpscan.com/plugin/wp-mail-logging" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-mail-smtp.yaml b/http/technologies/wordpress/plugins/wp-mail-smtp.yaml index 441a6543895..3ac99a274a6 100644 --- a/http/technologies/wordpress/plugins/wp-mail-smtp.yaml +++ b/http/technologies/wordpress/plugins/wp-mail-smtp.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-mail-smtp/ metadata: - plugin_namespace: wp-mail-smtp - wpscan: https://wpscan.com/plugin/wp-mail-smtp + plugin_namespace: "wp-mail-smtp" + wpscan: "https://wpscan.com/plugin/wp-mail-smtp" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-maintenance-mode.yaml b/http/technologies/wordpress/plugins/wp-maintenance-mode.yaml index ae22736a78e..66b71099098 100644 --- a/http/technologies/wordpress/plugins/wp-maintenance-mode.yaml +++ b/http/technologies/wordpress/plugins/wp-maintenance-mode.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-maintenance-mode/ metadata: - plugin_namespace: wp-maintenance-mode - wpscan: https://wpscan.com/plugin/wp-maintenance-mode + max-request: 1 + plugin_namespace: "wp-maintenance-mode" + wpscan: "https://wpscan.com/plugin/wp-maintenance-mode" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-migrate-db.yaml b/http/technologies/wordpress/plugins/wp-migrate-db.yaml index 2b218f0121c..7ffa9d62372 100644 --- a/http/technologies/wordpress/plugins/wp-migrate-db.yaml +++ b/http/technologies/wordpress/plugins/wp-migrate-db.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-migrate-db/ metadata: - plugin_namespace: wp-migrate-db - wpscan: https://wpscan.com/plugin/wp-migrate-db + plugin_namespace: "wp-migrate-db" + wpscan: "https://wpscan.com/plugin/wp-migrate-db" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-multibyte-patch.yaml b/http/technologies/wordpress/plugins/wp-multibyte-patch.yaml index 954c99ad992..31d3dcb500a 100644 --- a/http/technologies/wordpress/plugins/wp-multibyte-patch.yaml +++ b/http/technologies/wordpress/plugins/wp-multibyte-patch.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-multibyte-patch/ metadata: - plugin_namespace: wp-multibyte-patch - wpscan: https://wpscan.com/plugin/wp-multibyte-patch + wpscan: "https://wpscan.com/plugin/wp-multibyte-patch" + max-request: 1 + plugin_namespace: "wp-multibyte-patch" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-optimize.yaml b/http/technologies/wordpress/plugins/wp-optimize.yaml index 30b217116a4..b033eb3ab76 100644 --- a/http/technologies/wordpress/plugins/wp-optimize.yaml +++ b/http/technologies/wordpress/plugins/wp-optimize.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-optimize/ metadata: - plugin_namespace: wp-optimize - wpscan: https://wpscan.com/plugin/wp-optimize + max-request: 1 + plugin_namespace: "wp-optimize" + wpscan: "https://wpscan.com/plugin/wp-optimize" tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-pagenavi.yaml b/http/technologies/wordpress/plugins/wp-pagenavi.yaml index 95928c3eff7..f827d069f24 100644 --- a/http/technologies/wordpress/plugins/wp-pagenavi.yaml +++ b/http/technologies/wordpress/plugins/wp-pagenavi.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-pagenavi/ metadata: - plugin_namespace: wp-pagenavi - wpscan: https://wpscan.com/plugin/wp-pagenavi + max-request: 1 + plugin_namespace: "wp-pagenavi" + wpscan: "https://wpscan.com/plugin/wp-pagenavi" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-reset.yaml b/http/technologies/wordpress/plugins/wp-reset.yaml index 6a9a02dfa0c..15a4a2000ef 100644 --- a/http/technologies/wordpress/plugins/wp-reset.yaml +++ b/http/technologies/wordpress/plugins/wp-reset.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-reset/ metadata: - plugin_namespace: wp-reset - wpscan: https://wpscan.com/plugin/wp-reset + plugin_namespace: "wp-reset" + wpscan: "https://wpscan.com/plugin/wp-reset" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-reviews-plugin-for-google.yaml b/http/technologies/wordpress/plugins/wp-reviews-plugin-for-google.yaml index a8adaae5a82..d01b3bf8b2c 100644 --- a/http/technologies/wordpress/plugins/wp-reviews-plugin-for-google.yaml +++ b/http/technologies/wordpress/plugins/wp-reviews-plugin-for-google.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-reviews-plugin-for-google/ metadata: - plugin_namespace: wp-reviews-plugin-for-google - wpscan: https://wpscan.com/plugin/wp-reviews-plugin-for-google + wpscan: "https://wpscan.com/plugin/wp-reviews-plugin-for-google" + max-request: 1 + plugin_namespace: "wp-reviews-plugin-for-google" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-rollback.yaml b/http/technologies/wordpress/plugins/wp-rollback.yaml index a1566e620db..73018d58ae7 100644 --- a/http/technologies/wordpress/plugins/wp-rollback.yaml +++ b/http/technologies/wordpress/plugins/wp-rollback.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-rollback/ metadata: - plugin_namespace: wp-rollback - wpscan: https://wpscan.com/plugin/wp-rollback + max-request: 1 + plugin_namespace: "wp-rollback" + wpscan: "https://wpscan.com/plugin/wp-rollback" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-seopress.yaml b/http/technologies/wordpress/plugins/wp-seopress.yaml index 720fd1eea45..ad8420fa3fe 100644 --- a/http/technologies/wordpress/plugins/wp-seopress.yaml +++ b/http/technologies/wordpress/plugins/wp-seopress.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-seopress/ metadata: - plugin_namespace: wp-seopress - wpscan: https://wpscan.com/plugin/wp-seopress + plugin_namespace: "wp-seopress" + wpscan: "https://wpscan.com/plugin/wp-seopress" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-sitemap-page.yaml b/http/technologies/wordpress/plugins/wp-sitemap-page.yaml index 4673e223ddd..4dc009e269c 100644 --- a/http/technologies/wordpress/plugins/wp-sitemap-page.yaml +++ b/http/technologies/wordpress/plugins/wp-sitemap-page.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-sitemap-page/ metadata: - plugin_namespace: wp-sitemap-page - wpscan: https://wpscan.com/plugin/wp-sitemap-page + plugin_namespace: "wp-sitemap-page" + wpscan: "https://wpscan.com/plugin/wp-sitemap-page" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-smushit.yaml b/http/technologies/wordpress/plugins/wp-smushit.yaml index c945b82f4cd..aa6738805be 100644 --- a/http/technologies/wordpress/plugins/wp-smushit.yaml +++ b/http/technologies/wordpress/plugins/wp-smushit.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-smushit/ metadata: - plugin_namespace: wp-smushit - wpscan: https://wpscan.com/plugin/wp-smushit + plugin_namespace: "wp-smushit" + wpscan: "https://wpscan.com/plugin/wp-smushit" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-statistics.yaml b/http/technologies/wordpress/plugins/wp-statistics.yaml index d9bd9c78a58..bcad9a99e95 100644 --- a/http/technologies/wordpress/plugins/wp-statistics.yaml +++ b/http/technologies/wordpress/plugins/wp-statistics.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-statistics/ metadata: - plugin_namespace: wp-statistics - wpscan: https://wpscan.com/plugin/wp-statistics + plugin_namespace: "wp-statistics" + wpscan: "https://wpscan.com/plugin/wp-statistics" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wp-super-cache.yaml b/http/technologies/wordpress/plugins/wp-super-cache.yaml index 2d32f849865..e8d3e756274 100644 --- a/http/technologies/wordpress/plugins/wp-super-cache.yaml +++ b/http/technologies/wordpress/plugins/wp-super-cache.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wp-super-cache/ metadata: - plugin_namespace: wp-super-cache - wpscan: https://wpscan.com/plugin/wp-super-cache + plugin_namespace: "wp-super-cache" + wpscan: "https://wpscan.com/plugin/wp-super-cache" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wpcf7-recaptcha.yaml b/http/technologies/wordpress/plugins/wpcf7-recaptcha.yaml index 634d01ccbcd..9122b2b1ca1 100644 --- a/http/technologies/wordpress/plugins/wpcf7-recaptcha.yaml +++ b/http/technologies/wordpress/plugins/wpcf7-recaptcha.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wpcf7-recaptcha/ metadata: - plugin_namespace: wpcf7-recaptcha - wpscan: https://wpscan.com/plugin/wpcf7-recaptcha + plugin_namespace: "wpcf7-recaptcha" + wpscan: "https://wpscan.com/plugin/wpcf7-recaptcha" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wpcf7-redirect.yaml b/http/technologies/wordpress/plugins/wpcf7-redirect.yaml index 2e087c66785..2e0b657964d 100644 --- a/http/technologies/wordpress/plugins/wpcf7-redirect.yaml +++ b/http/technologies/wordpress/plugins/wpcf7-redirect.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wpcf7-redirect/ metadata: - plugin_namespace: wpcf7-redirect - wpscan: https://wpscan.com/plugin/wpcf7-redirect + max-request: 1 + plugin_namespace: "wpcf7-redirect" + wpscan: "https://wpscan.com/plugin/wpcf7-redirect" tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/wpforms-lite.yaml b/http/technologies/wordpress/plugins/wpforms-lite.yaml index ab485d17d59..2321ec6f0da 100644 --- a/http/technologies/wordpress/plugins/wpforms-lite.yaml +++ b/http/technologies/wordpress/plugins/wpforms-lite.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wpforms-lite/ metadata: - plugin_namespace: wpforms-lite - wpscan: https://wpscan.com/plugin/wpforms-lite + plugin_namespace: "wpforms-lite" + wpscan: "https://wpscan.com/plugin/wpforms-lite" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wps-hide-login.yaml b/http/technologies/wordpress/plugins/wps-hide-login.yaml index 3608cf34936..72fd603ac06 100644 --- a/http/technologies/wordpress/plugins/wps-hide-login.yaml +++ b/http/technologies/wordpress/plugins/wps-hide-login.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wps-hide-login/ metadata: - plugin_namespace: wps-hide-login - wpscan: https://wpscan.com/plugin/wps-hide-login + plugin_namespace: "wps-hide-login" + wpscan: "https://wpscan.com/plugin/wps-hide-login" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/wordpress/plugins/wpvivid-backuprestore.yaml b/http/technologies/wordpress/plugins/wpvivid-backuprestore.yaml index d95b070eb69..34ccf7f1c5f 100644 --- a/http/technologies/wordpress/plugins/wpvivid-backuprestore.yaml +++ b/http/technologies/wordpress/plugins/wpvivid-backuprestore.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/wpvivid-backuprestore/ metadata: - plugin_namespace: wpvivid-backuprestore - wpscan: https://wpscan.com/plugin/wpvivid-backuprestore + plugin_namespace: "wpvivid-backuprestore" + wpscan: "https://wpscan.com/plugin/wpvivid-backuprestore" + max-request: 1 tags: tech,wordpress,wp-plugin,top-200 http: diff --git a/http/technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml b/http/technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml index 7e08b84bbcd..ff4cccaeb13 100644 --- a/http/technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml +++ b/http/technologies/wordpress/plugins/yith-woocommerce-wishlist.yaml @@ -7,8 +7,9 @@ info: reference: - https://wordpress.org/plugins/yith-woocommerce-wishlist/ metadata: - plugin_namespace: yith-woocommerce-wishlist - wpscan: https://wpscan.com/plugin/yith-woocommerce-wishlist + plugin_namespace: "yith-woocommerce-wishlist" + wpscan: "https://wpscan.com/plugin/yith-woocommerce-wishlist" + max-request: 1 tags: tech,wordpress,wp-plugin,top-100,top-200 http: diff --git a/http/technologies/writebook-detect.yaml b/http/technologies/writebook-detect.yaml index 34199ec4fdd..11fc23bdbf3 100644 --- a/http/technologies/writebook-detect.yaml +++ b/http/technologies/writebook-detect.yaml @@ -8,9 +8,9 @@ info: - https://once.com/writebook - https://books.37signals.com/2/the-writebook-manual metadata: - max-request: 1 verified: true shodan-query: html:"Writebook" + max-request: 2 tags: writebook,tech http: diff --git a/http/vulnerabilities/backdoor/lottie-backdoor.yaml b/http/vulnerabilities/backdoor/lottie-backdoor.yaml index a151639439d..1f76b727253 100644 --- a/http/vulnerabilities/backdoor/lottie-backdoor.yaml +++ b/http/vulnerabilities/backdoor/lottie-backdoor.yaml @@ -9,6 +9,8 @@ info: reference: - https://github.com/LottieFiles/lottie-player/issues/254 - https://x.com/galnagli/status/1851779972639363076 + metadata: + max-request: 1 tags: cdn,lottie-player,backdoor,malware http: diff --git a/http/vulnerabilities/gradio/gradio-lfi.yaml b/http/vulnerabilities/gradio/gradio-lfi.yaml index 1177ebaa762..2b103376750 100644 --- a/http/vulnerabilities/gradio/gradio-lfi.yaml +++ b/http/vulnerabilities/gradio/gradio-lfi.yaml @@ -12,14 +12,14 @@ info: classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 - epss-percentile: 0.36659 cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:python:*:*:* + epss-percentile: 0.36659 metadata: verified: true - max-request: 2 + max-request: 400 shodan-query: html:"__gradio_mode__" product: gradio - vendor: gradio_project + vendor: "gradio_project" tags: cve,cve2024,intrusive,unauth,gradio,lfi,lfr http: diff --git a/http/vulnerabilities/gradio/gradio-ssrf.yaml b/http/vulnerabilities/gradio/gradio-ssrf.yaml index c6066bc9e34..bf193e9d0c5 100644 --- a/http/vulnerabilities/gradio/gradio-ssrf.yaml +++ b/http/vulnerabilities/gradio/gradio-ssrf.yaml @@ -12,14 +12,14 @@ info: classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 - epss-percentile: 0.36659 cpe: cpe:2.3:a:gradio_project:gradio:*:*:*:*:python:*:*:* + epss-percentile: 0.36659 metadata: + vendor: "gradio_project" verified: true - max-request: 2 + max-request: 200 shodan-query: html:"__gradio_mode__" product: gradio - vendor: gradio_project tags: cve,cve2024,unauth,gradio,ssrf http: diff --git a/http/vulnerabilities/imo/imo-file-download.yaml b/http/vulnerabilities/imo/imo-file-download.yaml index e00c8c62ff9..3c502b701db 100644 --- a/http/vulnerabilities/imo/imo-file-download.yaml +++ b/http/vulnerabilities/imo/imo-file-download.yaml @@ -9,7 +9,7 @@ info: reference: - https://forum.butian.net/article/214 metadata: - max-request: 2 + max-request: 1 tags: imo,file-download http: diff --git a/http/vulnerabilities/landray/landray-oa-replaceextend-rce.yaml b/http/vulnerabilities/landray/landray-oa-replaceextend-rce.yaml index 99009613d67..5810f400588 100644 --- a/http/vulnerabilities/landray/landray-oa-replaceextend-rce.yaml +++ b/http/vulnerabilities/landray/landray-oa-replaceextend-rce.yaml @@ -12,9 +12,9 @@ info: cpe: cpe:2.3:a:landray:landray_office_automation:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: landray - product: landray_office_automation + product: "landray_office_automation" fofa-query: app="Landray-OA系统" hunter-query: web.body=="蓝凌软件",web.icon=="302464c3f6207d57240649926cfc7bd4" tags: landray,oa,dataxml,rce,replaceExtend diff --git a/http/vulnerabilities/next-js-cache-poisoning.yaml b/http/vulnerabilities/next-js-cache-poisoning.yaml index 75d14edbea8..8523156dc2f 100644 --- a/http/vulnerabilities/next-js-cache-poisoning.yaml +++ b/http/vulnerabilities/next-js-cache-poisoning.yaml @@ -11,12 +11,11 @@ info: - https://github.com/valentin-panov/nextjs-no-cache-issue - https://zhero-web-sec.github.io/research-and-things/nextjs-and-cache-poisoning-a-quest-for-the-black-hole metadata: + max-request: 2 vendor: vercel - product: next.js - framework: node.js - shodan-query: - - http.html:"/_next/static" - - cpe:"cpe:2.3:a:zeit:next.js" + product: "next.js" + framework: "node.js" + shodan-query: '[http.html:"/_next/static" cpe:"cpe:2.3:a:zeit:next.js"]' fofa-query: body="/_next/static" tags: cve,cve2023,next-js,cache diff --git a/http/vulnerabilities/nextjs/nextjs-middleware-cache.yaml b/http/vulnerabilities/nextjs/nextjs-middleware-cache.yaml index 79d754f8cab..26bed8e3cb4 100644 --- a/http/vulnerabilities/nextjs/nextjs-middleware-cache.yaml +++ b/http/vulnerabilities/nextjs/nextjs-middleware-cache.yaml @@ -5,18 +5,17 @@ info: author: DhiyaneshDk severity: high description: | - Next.js is vulnerable to Cache Poisoning using X-Middleware-Prefetch. + Next.js is vulnerable to Cache Poisoning using X-Middleware-Prefetch. reference: - https://zhero-web-sec.github.io/research-and-things/nextjs-and-cache-poisoning-a-quest-for-the-black-hole metadata: verified: true vendor: vercel - product: next.js - framework: node.js - shodan-query: - - http.html:"/_next/static" - - cpe:"cpe:2.3:a:zeit:next.js" + product: "next.js" + framework: "node.js" + shodan-query: '[http.html:"/_next/static" cpe:"cpe:2.3:a:zeit:next.js"]' fofa-query: body="/_next/static" + max-request: 3 tags: nextjs,cache variables: diff --git a/http/vulnerabilities/nextjs/nextjs-rsc-cache.yaml b/http/vulnerabilities/nextjs/nextjs-rsc-cache.yaml index 6b1efba314b..b74a943de3a 100644 --- a/http/vulnerabilities/nextjs/nextjs-rsc-cache.yaml +++ b/http/vulnerabilities/nextjs/nextjs-rsc-cache.yaml @@ -5,18 +5,17 @@ info: author: DhiyaneshDk severity: high description: | - Next.js is vulnerable to Cache Poisoning using RSC. + Next.js is vulnerable to Cache Poisoning using RSC. reference: - https://zhero-web-sec.github.io/research-and-things/nextjs-and-cache-poisoning-a-quest-for-the-black-hole metadata: + framework: "node.js" + shodan-query: '[http.html:"/_next/static" cpe:"cpe:2.3:a:zeit:next.js"]' + fofa-query: body="/_next/static" + max-request: 3 verified: true vendor: vercel - product: next.js - framework: node.js - shodan-query: - - http.html:"/_next/static" - - cpe:"cpe:2.3:a:zeit:next.js" - fofa-query: body="/_next/static" + product: "next.js" tags: nextjs,cache variables: diff --git a/http/vulnerabilities/other/elgg-sqli.yaml b/http/vulnerabilities/other/elgg-sqli.yaml index 4da0337d0b3..81da901bea4 100644 --- a/http/vulnerabilities/other/elgg-sqli.yaml +++ b/http/vulnerabilities/other/elgg-sqli.yaml @@ -11,7 +11,7 @@ info: - https://github.com/Elgg/Elgg metadata: verified: true - max-request: 1 + max-request: 2 vendor: elgg product: elgg fofa-query: icon_hash="413602919" diff --git a/http/vulnerabilities/other/fastbee-arbitrary-file-read.yaml b/http/vulnerabilities/other/fastbee-arbitrary-file-read.yaml index a1f0d820635..f33ceb57e83 100644 --- a/http/vulnerabilities/other/fastbee-arbitrary-file-read.yaml +++ b/http/vulnerabilities/other/fastbee-arbitrary-file-read.yaml @@ -10,10 +10,10 @@ info: - https://blog.csdn.net/weixin_43167326/article/details/141806542 metadata: verified: true - max-request: 1 + max-request: 2 vendor: fastbee product: fastbee - fofa-query: "fastbee" + fofa-query: fastbee tags: fastbee,iot,lfi flow: http(1) && http(2) diff --git a/http/vulnerabilities/other/fumengyun-sqli.yaml b/http/vulnerabilities/other/fumengyun-sqli.yaml index 84f293fb622..48a8bf69a88 100644 --- a/http/vulnerabilities/other/fumengyun-sqli.yaml +++ b/http/vulnerabilities/other/fumengyun-sqli.yaml @@ -6,12 +6,12 @@ info: severity: critical description: | The Fumeng AjaxMethod.ashx file has an SQL injection vulnerability. Attackers can use this vulnerability to obtain server data. + reference: + - https://github.com/emadshanab/goby-poc/blob/main/fumengyun%20%20AjaxMethod.ashx%20SQL%20injection.json impact: | Successful exploitation could lead to unauthorized access to sensitive data. remediation: | Implement input validation and use parameterized queries to prevent SQL Injection attacks. - reference: - - https://github.com/emadshanab/goby-poc/blob/main/fumengyun%20%20AjaxMethod.ashx%20SQL%20injection.json classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -19,9 +19,9 @@ info: epss-score: 0.00076 epss-percentile: 0.31944 metadata: - max-request: 1 shodan-query: title:"孚盟云 " fofa-query: title="孚盟云 " + max-request: 3 tags: time-based-sqli,fumasoft,sqli flow: http(1) && http(2) diff --git a/http/vulnerabilities/other/h3c-cnsss-arbitrary-file-upload.yaml b/http/vulnerabilities/other/h3c-cnsss-arbitrary-file-upload.yaml index 7a2edbc6034..63d3bfd061c 100644 --- a/http/vulnerabilities/other/h3c-cnsss-arbitrary-file-upload.yaml +++ b/http/vulnerabilities/other/h3c-cnsss-arbitrary-file-upload.yaml @@ -10,7 +10,7 @@ info: - https://github.com/wy876/POC/blob/main/H3C-%E6%A0%A1%E5%9B%AD%E7%BD%91%E8%87%AA%E5%8A%A9%E6%9C%8D%E5%8A%A1%E7%B3%BB%E7%BB%9Fflexfileupload%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md metadata: verified: true - max-request: 1 + max-request: 2 fofa-query: header="/selfservice" tags: h3c,lfi,instrusive,file-upload diff --git a/http/vulnerabilities/other/readymade-unilevel-sqli.yaml b/http/vulnerabilities/other/readymade-unilevel-sqli.yaml index 7e6604811bd..b10e31e2c42 100644 --- a/http/vulnerabilities/other/readymade-unilevel-sqli.yaml +++ b/http/vulnerabilities/other/readymade-unilevel-sqli.yaml @@ -9,8 +9,9 @@ info: reference: - https://packetstormsecurity.com/files/179886/ReadyMade-Unilevel-Ecommerce-MLM-Blind-SQL-Injection-Cross-Site-Scripting.html metadata: - vendor: i-netsolution - product: readymade-unilevel-ecommerce + vendor: "i-netsolution" + product: "readymade-unilevel-ecommerce" + max-request: 1 tags: time-based-sqli,ecommerce,readymade,sqli http: diff --git a/http/vulnerabilities/other/readymade-unilevel-xss.yaml b/http/vulnerabilities/other/readymade-unilevel-xss.yaml index def8a8debfb..6d2a6ab74f9 100644 --- a/http/vulnerabilities/other/readymade-unilevel-xss.yaml +++ b/http/vulnerabilities/other/readymade-unilevel-xss.yaml @@ -9,8 +9,9 @@ info: reference: - https://packetstormsecurity.com/files/179886/ReadyMade-Unilevel-Ecommerce-MLM-Blind-SQL-Injection-Cross-Site-Scripting.html metadata: - vendor: i-netsolution - product: readymade-unilevel-ecommerce + product: "readymade-unilevel-ecommerce" + max-request: 1 + vendor: "i-netsolution" tags: ecommerce,readymade,xss variables: diff --git a/http/vulnerabilities/prestashop/prestashop-apmarketplace-sqli.yaml b/http/vulnerabilities/prestashop/prestashop-apmarketplace-sqli.yaml index dd711303094..f6c1db80f81 100644 --- a/http/vulnerabilities/prestashop/prestashop-apmarketplace-sqli.yaml +++ b/http/vulnerabilities/prestashop/prestashop-apmarketplace-sqli.yaml @@ -11,6 +11,7 @@ info: metadata: verified: true shodan-query: http.component:"Prestashop" + max-request: 1 tags: time-based-sqli,prestashop,sqli http: diff --git a/http/vulnerabilities/projectsend-auth-bypass.yaml b/http/vulnerabilities/projectsend-auth-bypass.yaml index 3508cceeeda..f4657f5be67 100644 --- a/http/vulnerabilities/projectsend-auth-bypass.yaml +++ b/http/vulnerabilities/projectsend-auth-bypass.yaml @@ -11,7 +11,7 @@ info: - https://www.synacktiv.com/sites/default/files/2024-07/synacktiv-projectsend-multiple-vulnerabilities.pdf metadata: verified: true - max-request: 1 + max-request: 3 fofa-query: body="ProjectSend" shodan-query: html:"ProjectSend" tags: misconfig,projectsend,auth-bypass