20240831

date.txt

@@ -1 +1 @@
-20240830
+20240831

poc.txt

@@ -21642,6 +21642,7 @@
 ./poc/cve/CVE-2022-40975.yaml
 ./poc/cve/CVE-2022-4099-efabe65e0636127b900f654341e2d21b.yaml
 ./poc/cve/CVE-2022-4099.yaml
+./poc/cve/CVE-2022-4100-6846e3140a5dc10367fd9a3bbcde3cfd.yaml
 ./poc/cve/CVE-2022-4101-ff9c428babf09501938ec8b47a7ff0b5.yaml
 ./poc/cve/CVE-2022-4101.yaml
 ./poc/cve/CVE-2022-4102-211a125e03141593ca6a2a03eab40ec0.yaml
@@ -22363,6 +22364,7 @@
 ./poc/cve/CVE-2022-45358.yaml
 ./poc/cve/CVE-2022-45359-b36586431dff2aad1fae7b081e9eb505.yaml
 ./poc/cve/CVE-2022-45359.yaml
+./poc/cve/CVE-2022-4536-cbca2c22fe44b388466f971246767370.yaml
 ./poc/cve/CVE-2022-45360-207ef17540c22dd0793408d606b91bda.yaml
 ./poc/cve/CVE-2022-45360.yaml
 ./poc/cve/CVE-2022-45361-aa79324e8a1a2b2db7d009a7aa76d972.yaml
@@ -22401,6 +22403,7 @@
 ./poc/cve/CVE-2022-45376.yaml
 ./poc/cve/CVE-2022-45377-f99be6f5db095fa34ac8836d9c3bf756.yaml
 ./poc/cve/CVE-2022-45377.yaml
+./poc/cve/CVE-2022-4539-7a30287ecd3463157871780d6cb74779.yaml
 ./poc/cve/CVE-2022-4542-f62d4c5bcf581eb4208970f7bf92c622.yaml
 ./poc/cve/CVE-2022-4542.yaml
 ./poc/cve/CVE-2022-4544-4a43b5c1e9b5ac07f83a1ad6288e2487.yaml
@@ -35007,6 +35010,7 @@
 ./poc/cve/CVE-2024-2693-647bc0d6e21e08c5754ccb6bcd1aae5c.yaml
 ./poc/cve/CVE-2024-2693.yaml
 ./poc/cve/CVE-2024-2694-b120e064dbe03fdfe7dc85edf005b468.yaml
+./poc/cve/CVE-2024-2694.yaml
 ./poc/cve/CVE-2024-2695-ae730861a36dba83eb67def8728d825a.yaml
 ./poc/cve/CVE-2024-2695-dcc8ab86728871c2ab1f322b32d5d24a.yaml
 ./poc/cve/CVE-2024-2695.yaml
@@ -39496,6 +39500,7 @@
 ./poc/cve/CVE-2024-3883.yaml
 ./poc/cve/CVE-2024-3885-9e0a7124350833ada45c8c2089abea17.yaml
 ./poc/cve/CVE-2024-3885.yaml
+./poc/cve/CVE-2024-3886-5b264146b1ead99350dd9d50b9b165a5.yaml
 ./poc/cve/CVE-2024-3887-c69a35937d64f9aabf71399960d846ed.yaml
 ./poc/cve/CVE-2024-3887.yaml
 ./poc/cve/CVE-2024-3888-73a7dff9e7fc032d9c7b3504d9e32105.yaml
@@ -39742,6 +39747,7 @@
 ./poc/cve/CVE-2024-3997-ec2b985dc77b9e8be9179278d94ac597.yaml
 ./poc/cve/CVE-2024-3997.yaml
 ./poc/cve/CVE-2024-3998-3e30ffebe59d9a76218cb85864c1c93f.yaml
+./poc/cve/CVE-2024-3998.yaml
 ./poc/cve/CVE-2024-3999-c476d9afb5ffc3ca8d446456d56d241f.yaml
 ./poc/cve/CVE-2024-3999.yaml
 ./poc/cve/CVE-2024-4000-413f9aad8039820df563829dd8dd16d6.yaml
@@ -40063,6 +40069,7 @@
 ./poc/cve/CVE-2024-43210.yaml
 ./poc/cve/CVE-2024-43211-52583efb98a1ee87166361a87199594d.yaml
 ./poc/cve/CVE-2024-43211.yaml
+./poc/cve/CVE-2024-43212-b599c8548f771f0451cdc13214f7ff68.yaml
 ./poc/cve/CVE-2024-43212-fa7c63c9c1acaf40e2a0fa149e79e1fd.yaml
 ./poc/cve/CVE-2024-43212.yaml
 ./poc/cve/CVE-2024-43213-035ab3596c728eee900f004610ee954d.yaml
@@ -40146,6 +40153,7 @@
 ./poc/cve/CVE-2024-43253-f0a28b89948b7ce1a9e3b142fc5b96af.yaml
 ./poc/cve/CVE-2024-43253.yaml
 ./poc/cve/CVE-2024-43254-45b63d56497d30988092c35280a0f346.yaml
+./poc/cve/CVE-2024-43254-ab3e4aac5098aa3c00587af765319448.yaml
 ./poc/cve/CVE-2024-43254.yaml
 ./poc/cve/CVE-2024-43255-c5e379d221966e401191b74f67ed5c1d.yaml
 ./poc/cve/CVE-2024-43255.yaml
@@ -40458,6 +40466,7 @@
 ./poc/cve/CVE-2024-4400-edb034274ef6f17041114a62daa8b47d.yaml
 ./poc/cve/CVE-2024-4400.yaml
 ./poc/cve/CVE-2024-4401-d790d6521995cbca6bedf9a614f719bf.yaml
+./poc/cve/CVE-2024-4401.yaml
 ./poc/cve/CVE-2024-4404-3225832ef59af3d93e669e4f0630d732.yaml
 ./poc/cve/CVE-2024-4404.yaml
 ./poc/cve/CVE-2024-4409-bd7b37af206b0db99929fc562e902a9e.yaml
@@ -40893,6 +40902,7 @@
 ./poc/cve/CVE-2024-5021-1b48a97f4f87b8e1c0d35951dcf47c52.yaml
 ./poc/cve/CVE-2024-5021.yaml
 ./poc/cve/CVE-2024-5024-df0641cd7d9eed4752dc979388d29728.yaml
+./poc/cve/CVE-2024-5024.yaml
 ./poc/cve/CVE-2024-5025-f6e5bc7c36789d49a83912b9c62d03f6.yaml
 ./poc/cve/CVE-2024-5025.yaml
 ./poc/cve/CVE-2024-5028-2b1c7753e02398d12917feca766a8f54.yaml
@@ -40922,6 +40932,7 @@
 ./poc/cve/CVE-2024-5060-0e9bb89e270fce112d686bcb31ddac36.yaml
 ./poc/cve/CVE-2024-5060.yaml
 ./poc/cve/CVE-2024-5061-e85fb07ba4a08a3b3d95773fe18c51f6.yaml
+./poc/cve/CVE-2024-5061.yaml
 ./poc/cve/CVE-2024-5071-783fe5cda41afb7fa1d0cebcc413aaf2.yaml
 ./poc/cve/CVE-2024-5071-b9e7eecb062d13ae3a35094e64731713.yaml
 ./poc/cve/CVE-2024-5071.yaml
@@ -41010,6 +41021,7 @@
 ./poc/cve/CVE-2024-5205.yaml
 ./poc/cve/CVE-2024-5207-dfe92838983c441ca6954031b5866f4e.yaml
 ./poc/cve/CVE-2024-5207.yaml
+./poc/cve/CVE-2024-5212-26e8ea237e5eb184a7a3f6926818b07b.yaml
 ./poc/cve/CVE-2024-5215-0170d5acc9b537b31bb3fad32634325d.yaml
 ./poc/cve/CVE-2024-5215.yaml
 ./poc/cve/CVE-2024-5217.yaml
@@ -41336,6 +41348,7 @@
 ./poc/cve/CVE-2024-5715.yaml
 ./poc/cve/CVE-2024-5724-4ec214434fd2f861667853a0711db2bf.yaml
 ./poc/cve/CVE-2024-5724.yaml
+./poc/cve/CVE-2024-5726-014e0e9e4a215d0587195d5062af61a5.yaml
 ./poc/cve/CVE-2024-5726-356112c2928a1e694b7bf670e7c30b58.yaml
 ./poc/cve/CVE-2024-5726.yaml
 ./poc/cve/CVE-2024-5727-08c9ece2ef96c189022a2e500fdce8e4.yaml
@@ -41365,6 +41378,7 @@
 ./poc/cve/CVE-2024-5770-535af98dd21b180aed9353b26ab61bf4.yaml
 ./poc/cve/CVE-2024-5770.yaml
 ./poc/cve/CVE-2024-5784-0014276fabbee1d09ebf48d3bcb8d1fe.yaml
+./poc/cve/CVE-2024-5784.yaml
 ./poc/cve/CVE-2024-5787-ba698dc9e13c3c5e0d40143b11aa6de4.yaml
 ./poc/cve/CVE-2024-5787.yaml
 ./poc/cve/CVE-2024-5788-28fe2f5078d75f5024e6c25cc111ffd2.yaml
@@ -41424,6 +41438,7 @@
 ./poc/cve/CVE-2024-5871-bdd808d6a9eceafe261c336341d9e130.yaml
 ./poc/cve/CVE-2024-5871.yaml
 ./poc/cve/CVE-2024-5879-15e47d64ae81bc253ae61d7b9ab17d63.yaml
+./poc/cve/CVE-2024-5879.yaml
 ./poc/cve/CVE-2024-5880-da35cf349d9e9d256e9d4d267817f858.yaml
 ./poc/cve/CVE-2024-5880.yaml
 ./poc/cve/CVE-2024-5881-deb2b9d2631d7547b1cfede5484472ab.yaml
@@ -42076,6 +42091,7 @@
 ./poc/cve/CVE-2024-7100-ad8e27985a77f89f3ffd15a9cd3c761c.yaml
 ./poc/cve/CVE-2024-7100.yaml
 ./poc/cve/CVE-2024-7122-332eadd538ee19c7f5056f343ea0b155.yaml
+./poc/cve/CVE-2024-7122.yaml
 ./poc/cve/CVE-2024-7134-68ccbd22e014b574fd8573f2d56f4553.yaml
 ./poc/cve/CVE-2024-7134.yaml
 ./poc/cve/CVE-2024-7135-4efde48e672954d3ec911965413e7bde.yaml
@@ -42149,6 +42165,7 @@
 ./poc/cve/CVE-2024-7420.yaml
 ./poc/cve/CVE-2024-7422-687a511b4014fc6e48564ef68ecc160f.yaml
 ./poc/cve/CVE-2024-7422.yaml
+./poc/cve/CVE-2024-7435-56bbd99bfe68d581fd709483401a1c1a.yaml
 ./poc/cve/CVE-2024-7447-616934177af234fd0293527159d2650e.yaml
 ./poc/cve/CVE-2024-7447.yaml
 ./poc/cve/CVE-2024-7484-5be14b55ae30eebe36f1e5fcad1d160a.yaml
@@ -42224,6 +42241,7 @@
 ./poc/cve/CVE-2024-7702.yaml
 ./poc/cve/CVE-2024-7703-7d232ae776193850ef9d74eec7d98698.yaml
 ./poc/cve/CVE-2024-7703.yaml
+./poc/cve/CVE-2024-7717-8b2d72f894c49fa210faf06966bb467e.yaml
 ./poc/cve/CVE-2024-7775-cb89a9bf3c0d813debb09dc21c3f085f.yaml
 ./poc/cve/CVE-2024-7775.yaml
 ./poc/cve/CVE-2024-7777-e2bdcc8b58b83d53647a50d88143707d.yaml
@@ -42261,6 +42279,7 @@
 ./poc/cve/CVE-2024-7857-a18aa7c9dff5c4191bbf30ebf29a07a1.yaml
 ./poc/cve/CVE-2024-7857.yaml
 ./poc/cve/CVE-2024-7858-ee11b1c569d7435d78bdfcf72833bbc0.yaml
+./poc/cve/CVE-2024-7858.yaml
 ./poc/cve/CVE-2024-7860-7bfa7ad373e4b2369c7238a1709273fe.yaml
 ./poc/cve/CVE-2024-7860.yaml
 ./poc/cve/CVE-2024-7861-9726dbafcd5c9f5063d85ac5d4f9296c.yaml
@@ -42274,6 +42293,7 @@
 ./poc/cve/CVE-2024-7918-a7e65e7119ee7b26b163171cf42cfe15.yaml
 ./poc/cve/CVE-2024-7918.yaml
 ./poc/cve/CVE-2024-8016-d1bc0d8335eb95e44886878c9717595b.yaml
+./poc/cve/CVE-2024-8016.yaml
 ./poc/cve/CVE-2024-8030-4bf23408e0dc80a213e018f362e5999c.yaml
 ./poc/cve/CVE-2024-8030.yaml
 ./poc/cve/CVE-2024-8043-613641adfae0294950a0fa915c4316f4.yaml
@@ -42294,6 +42314,7 @@
 ./poc/cve/CVE-2024-8056.yaml
 ./poc/cve/CVE-2024-8091-2a76422fe65a9439ffb66d6cccbb9f37.yaml
 ./poc/cve/CVE-2024-8091.yaml
+./poc/cve/CVE-2024-8108-388981d89511f13ba76287252ce2c890.yaml
 ./poc/cve/CVE-2024-8120-3613ebb9d30f84ec400bcf99e23d31d1.yaml
 ./poc/cve/CVE-2024-8120.yaml
 ./poc/cve/CVE-2024-8195-55ed6b4889c7dbecb6bd9deee053ca6e.yaml
@@ -42305,8 +42326,12 @@
 ./poc/cve/CVE-2024-8200-212df01da660270f0a3ccabafd9f05f2.yaml
 ./poc/cve/CVE-2024-8200.yaml
 ./poc/cve/CVE-2024-8252-2918e2ad48b79ca4c8bb4e4cd2023c96.yaml
+./poc/cve/CVE-2024-8252.yaml
 ./poc/cve/CVE-2024-8274-bda8d98f83bd3baa9ee6eb35650a9ef1.yaml
+./poc/cve/CVE-2024-8274.yaml
+./poc/cve/CVE-2024-8276-abcb50055a0fdc77a95290d651b9dbcc.yaml
 ./poc/cve/CVE-2024-8319-f52695adcae621062e419e0168d0ec9c.yaml
+./poc/cve/CVE-2024-8319.yaml
 ./poc/cve/CVE_2023_49442.yaml
 ./poc/cve/CVE_2023_51467.yaml
 ./poc/cve/CVE_2024_0195.yaml
@@ -64184,6 +64209,7 @@
 ./poc/other/attendance-manager-e0ca84a106bbce24a15a50a52260c615.yaml
 ./poc/other/attendance-manager.yaml
 ./poc/other/attesa-extra.yaml
+./poc/other/attire-018e03e3d84deb0b9ea4b368a9e735bb.yaml
 ./poc/other/attire-blocks-4d0bda665c71d62ec3979730095585b3.yaml
 ./poc/other/attire-blocks.yaml
 ./poc/other/attorney-75ae42f95c5029a5c34276ce81634c4d.yaml
@@ -72049,6 +72075,7 @@
 ./poc/other/events-addon-for-elementor-plugin.yaml
 ./poc/other/events-addon-for-elementor.yaml
 ./poc/other/events-calendar-pro-906106af4e69d60e26f99cff1906aa71.yaml
+./poc/other/events-calendar-pro.yaml
 ./poc/other/events-calendar-registration-booking-by-events-plus-ff9293ba28748efa2ab9a2fe77385468.yaml
 ./poc/other/events-calendar-registration-booking-by-events-plus.yaml
 ./poc/other/events-made-easy-00e7f5be1ab35984fe7530e3d9ef1afb.yaml
@@ -86108,6 +86135,7 @@
 ./poc/other/share-one-drive-8aefbdc94d261c5ffcf5b6d1472c5159.yaml
 ./poc/other/share-one-drive.yaml
 ./poc/other/share-this-c141fa5002265cf4cb976ed6cf31fc6c.yaml
+./poc/other/share-this-image-1c9c43ea93da339cf4ddfe98cd5e553a.yaml
 ./poc/other/share-this-image-576f17348faf1cebc874fccfe14a8b45.yaml
 ./poc/other/share-this-image-af2bcc66229bf5bd6c08d48a24366221.yaml
 ./poc/other/share-this-image.yaml
@@ -88807,9 +88835,11 @@
 ./poc/other/td-cloud-library-1c4748f99f4bb0e2e425c3b000b9c0fc.yaml
 ./poc/other/td-cloud-library.yaml
 ./poc/other/td-composer-1cda7428f15f4698d6291b17e9baa214.yaml
+./poc/other/td-composer-3b0822f9c769d60e753b8fc716feb8bc.yaml
 ./poc/other/td-composer-4f5ed17eac889295b2deedaa4975fd95.yaml
 ./poc/other/td-composer-80143192a811ca26978bf2e6218c23f6.yaml
 ./poc/other/td-composer-9494a3ec135164d73110d9ffc217777e.yaml
+./poc/other/td-composer-a84bf528fd8a808bc88b049d18e64cda.yaml
 ./poc/other/td-composer-ce48f32c9e769abd4cb0ab1ac1ace80c.yaml
 ./poc/other/td-composer-d39cb83229da357ab1af912bf2630331.yaml
 ./poc/other/td-composer-f3f203d9ab101f9d04ccf12ec6b5d164.yaml
@@ -102170,6 +102200,7 @@
 ./poc/sql/CVE-2024-8051-13d32e37d22c86e6841489ccba7dbaab.yaml
 ./poc/sql/CVE-2024-8195-55ed6b4889c7dbecb6bd9deee053ca6e.yaml
 ./poc/sql/CVE-2024-8197-c5c070dc8273cbfedbc9600c73cd97ad.yaml
+./poc/sql/CVE-2024-8276-abcb50055a0fdc77a95290d651b9dbcc.yaml
 ./poc/sql/Changdao-165-SQLi.yaml
 ./poc/sql/Cmseasy-Http-Head-sqli.yaml
 ./poc/sql/Cmseasy-celive-sqli.yaml
@@ -110381,6 +110412,7 @@
 ./poc/web/wapppress-builds-android-app-for-website-93eb7c704e6e0ef25aa6b8829b01d3fd.yaml
 ./poc/web/wapppress-builds-android-app-for-website.yaml
 ./poc/web/web-application-firewall-844b9d1d24421cab341a4ecc56416b51.yaml
+./poc/web/web-application-firewall-aecd7866e19c9efd3d56871b357c8881.yaml
 ./poc/web/web-application-firewall.yaml
 ./poc/web/web-cache-poising.yaml
 ./poc/web/web-cache-poisoning.yaml
@@ -111688,6 +111720,7 @@
 ./poc/wordpress/instawp-connect-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml
 ./poc/wordpress/instawp-connect-plugin.yaml
 ./poc/wordpress/instawp-connect.yaml
+./poc/wordpress/ip-vault-wp-firewall-5048b84b845dea0b88ed33d7dc34347e.yaml
 ./poc/wordpress/ip-vault-wp-firewall-595200d561a42d70e218defec57a75a8.yaml
 ./poc/wordpress/ip-vault-wp-firewall.yaml
 ./poc/wordpress/itempropwp-3416bfa27ed25f7ffea8196830edb064.yaml
@@ -113913,6 +113946,7 @@
 ./poc/wordpress/wp-central.yaml
 ./poc/wordpress/wp-cerber-147fd304b3df157c7f7d15a91cde2e37.yaml
 ./poc/wordpress/wp-cerber-2de93f4e30326bd812b1fce3dd004555.yaml
+./poc/wordpress/wp-cerber-4a64f9ad31b78ab78c48428c5a85590b.yaml
 ./poc/wordpress/wp-cerber-87f6796ba287e18749650930f19b92f6.yaml
 ./poc/wordpress/wp-cerber-925189d34deb9cf3a7da967fb678739e.yaml
 ./poc/wordpress/wp-cerber-a6210c801ebe77c8a4b0906ac51e8e6f.yaml
@@ -114639,6 +114673,7 @@
 ./poc/wordpress/wp-events-7838675c7859ff8a7694725464a2c880.yaml
 ./poc/wordpress/wp-events-939c8e41990e721256330f6828258871.yaml
 ./poc/wordpress/wp-events-d41d8cd98f00b204e9800998ecf8427e.yaml
+./poc/wordpress/wp-events-manager-29722e1d187e63b6b325ae129c9c70d3.yaml
 ./poc/wordpress/wp-events-plugin-d41d8cd98f00b204e9800998ecf8427e.yaml
 ./poc/wordpress/wp-events-plugin.yaml
 ./poc/wordpress/wp-events.yaml
@@ -118604,6 +118639,7 @@
 ./poc/wordpress/wpzoom-inspiro-pro-9bf7823e174d198324751124dceb7c43.yaml
 ./poc/wordpress/wpzoom-inspiro-pro.yaml
 ./poc/wordpress/wpzoom-portfolio-34081bbf6d948f7de8763d03d9ef73e2.yaml
+./poc/wordpress/wpzoom-portfolio-dcf59e219d34d9e2d14f575ceb25f541.yaml
 ./poc/wordpress/wpzoom-portfolio.yaml
 ./poc/wordpress/wpzoom-shortcodes-9bd9f0c961d140a7a58265e49125c3ca.yaml
 ./poc/wordpress/wpzoom-shortcodes.yaml

poc/cve/CVE-2022-4100-6846e3140a5dc10367fd9a3bbcde3cfd.yaml

@@ -0,0 +1,59 @@
+id: CVE-2022-4100-6846e3140a5dc10367fd9a3bbcde3cfd
+
+info:
+  name: >
+    WP Cerber Security <= 9.4 - IP Protection Bypass
+  author: topscoder
+  severity: medium
+  description: >
+    The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. This makes it possible for an attacker whose IP address has been blocked to bypass this control by setting the X-Forwarded-For: HTTP header to an IP Address that hasn't been blocked.
+  reference:
+    - https://github.com/topscoder/nuclei-wordfence-cve
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/03ccd474-42f4-4cbb-823e-93fe4db1bf80?source=api-prod
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
+    cvss-score: 5.3
+    cve-id: CVE-2022-4100
+  metadata:
+    fofa-query: "wp-content/plugins/wp-cerber/"
+    google-query: inurl:"/wp-content/plugins/wp-cerber/"
+    shodan-query: 'vuln:CVE-2022-4100'
+  tags: cve,wordpress,wp-plugin,wp-cerber,medium
+
+http:
+  - method: GET
+    redirects: true
+    max-redirects: 3
+    path:
+      - "{{BaseURL}}/wp-content/plugins/wp-cerber/readme.txt"
+
+    extractors:
+      - type: regex
+        name: version
+        part: body
+        group: 1
+        internal: true
+        regex:
+          - "(?mi)Stable tag: ([0-9.]+)"
+
+      - type: regex
+        name: version
+        part: body
+        group: 1
+        regex:
+          - "(?mi)Stable tag: ([0-9.]+)"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "wp-cerber"
+        part: body
+
+      - type: dsl
+        dsl:
+          - compare_versions(version, '<= 9.4')

poc/cve/CVE-2022-4536-cbca2c22fe44b388466f971246767370.yaml

@@ -0,0 +1,59 @@
+id: CVE-2022-4536-cbca2c22fe44b388466f971246767370
+
+info:
+  name: >
+    IP Vault – WP Firewall <= 1.1 - IP Address Spoofing to Protection Mechanism Bypass
+  author: topscoder
+  severity: medium
+  description: >
+    The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in.
+  reference:
+    - https://github.com/topscoder/nuclei-wordfence-cve
+    - https://www.wordfence.com/threat-intel/vulnerabilities/id/66e89753-f83e-4e60-b165-6d3d101d6c59?source=api-prod
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
+    cvss-score: 5.3
+    cve-id: CVE-2022-4536
+  metadata:
+    fofa-query: "wp-content/plugins/ip-vault-wp-firewall/"
+    google-query: inurl:"/wp-content/plugins/ip-vault-wp-firewall/"
+    shodan-query: 'vuln:CVE-2022-4536'
+  tags: cve,wordpress,wp-plugin,ip-vault-wp-firewall,medium
+
+http:
+  - method: GET
+    redirects: true
+    max-redirects: 3
+    path:
+      - "{{BaseURL}}/wp-content/plugins/ip-vault-wp-firewall/readme.txt"
+
+    extractors:
+      - type: regex
+        name: version
+        part: body
+        group: 1
+        internal: true
+        regex:
+          - "(?mi)Stable tag: ([0-9.]+)"
+
+      - type: regex
+        name: version
+        part: body
+        group: 1
+        regex:
+          - "(?mi)Stable tag: ([0-9.]+)"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "ip-vault-wp-firewall"
+        part: body
+
+      - type: dsl
+        dsl:
+          - compare_versions(version, '<= 1.1')