It delves into the CVE-2023-6000 vulnerability, showcasing a proof of concept (PoC) for identifying at-risk WordPress plugins.

Focused on a specific detection method, it guides readers through the steps to pinpoint and address vulnerabilities before they can be exploited.

By leveraging this PoC, users can enhance the security of their WordPress installations, safeguarding them against potential attacks.

How Does This Detection Method Work?

This template looks at the following path: /wp-content/plugins/popup-builder/readme.txt

Based on the Stable Tag listed, if the version is prior to 4.2.3 then it is considered to be vulnerable.

How Do I Run This Script?

  1. Download Nuclei from here
  2. Copy the template to your local system
  3. Run the following command: nuclei -u https://yourHost.com -t template.yaml