This template looks at the following path: /wp-content/plugins/popup-builder/readme.txt
Based on the Stable Tag listed, if the version is prior to 4.2.3
then it is considered to be vulnerable.
- Download Nuclei from here
- Copy the template to your local system
- Run the following command:
nuclei -u https://yourHost.com -t template.yaml
- https://nvd.nist.gov/vuln/detail/CVE-2023-6000
- https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-flaw-to-infect-3-300-sites-with-malware/
Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.