Skip to content
Nuclei Templates

Prime Mover < 1.9.3 - Sensitive Data Exposure

ID: CVE-2023-6505

Severity: high

Author: s4e-io

Tags: cve,cve2023,wp,wp-plugin,wordpress,exposure,prime-mover,listing

Description

Section titled “Description”

Prime Mover plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.2 via directory listing in the ‘prime-mover-export-files/1/’ folder. This makes it possible for unauthenticated attackers to extract sensitive data including site and configuration information, directories, files, and password hashes.

YAML Source

Section titled “YAML Source”
id: CVE-2023-6505


info:
  name: Prime Mover < 1.9.3 - Sensitive Data Exposure
  author: s4e-io
  severity: high
  description: |
    Prime Mover plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.2 via directory listing in the 'prime-mover-export-files/1/' folder. This makes it possible for unauthenticated attackers to extract sensitive data including site and configuration information, directories, files, and password hashes.
  remediation: |
    Fixed in 1.9.3
  reference:
    - https://wpscan.com/vulnerability/eca6f099-6af0-4f42-aade-ab61dd792629
    - https://research.cleantalk.org/cve-2023-6505-prime-mover-poc-exploit/
    - https://nvd.nist.gov/vuln/detail/CVE-2023-6505
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2023-6505
    epss-score: 0.00087
    epss-percentile: 0.36916
    cpe: cpe:2.3:a:codexonics:prime_mover:*:*:*:*:*:wordpress:*:*
  metadata:
    max-request: 1
    vendor: codexonics
    product: prime_mover
    framework: wordpress
    fofa-query: body="/wp-content/plugins/prime-mover"
  tags: cve,cve2023,wp,wp-plugin,wordpress,exposure,prime-mover,listing


http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/uploads/prime-mover-export-files/1/"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Index of /wp-content/uploads/prime-mover-export-files/1"
          - ".wprime"
        condition: or


      - type: status
        status:
          - 200
# digest: 4b0a00483046022100e674322fdb1ffb06e6281648f9208dd0e16671638518d7e8911964f737d4cda6022100c87d3e21d2a3e85e562592bea0c6679618dcb20110bfc12d77b24d6d6e17caa2:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-6505.yaml"

View on Github