Wordpress + plugins CVE query

An example WordPress CVE query that lists all the vulnerabilities associated with your WordPress install.

In this example we will be querying the CVE database for any vulnerabilities that match our current WordPress install and its associated plugins.

WordPress version: 5.3.0

Plugins installed:

  • WooCommerce Upload Files WordPress plugin

  • WP Fluent Forms plugin

  • Social Slider Widget

Running the query below searches the entire CVE database for vulnerabilities that match the software installed on your WordPress site. Each object in the JSON array is a separate sub-query, one per CPE string.

curl -X POST -H "Content-Type: application/json" \
-d '[
{ "retrieve": "cves", "dict_filter": { "vulnerable_configuration": "cpe:2.3:a:wordpress:wordpress:5.3.0:*:*:*:*:*:*:*" }, "limit": 10, "query_filter": { "access": 0, "cwe": 0, "vulnerable_configuration": 0, "vulnerable_product": 0 } },
{ "retrieve": "cves", "dict_filter": { "vulnerable_configuration": "cpe:2.3:a:woocommerce:upload_files:57.3:*:*:*:*:wordpress:*:*" }, "limit": 10, "query_filter": { "access": 0, "cwe": 0, "vulnerable_configuration": 0, "vulnerable_product": 0 } },
{ "retrieve": "cves", "dict_filter": { "vulnerable_configuration": "cpe:2.3:a:cm-wp:social_slider_widget:-:*:*:*:*:wordpress:*:*" }, "limit": 10, "query_filter": { "access": 0, "cwe": 0, "vulnerable_configuration": 0, "vulnerable_product": 0 } },
{ "retrieve": "cves", "dict_filter": { "vulnerable_configuration": "cpe:2.3:a:fluentforms:contact_form:*:*:*:*:wordpress:*:*:*" }, "limit": 10, "query_filter": { "access": 0, "cwe": 0, "vulnerable_configuration": 0, "vulnerable_product": 0 } }
]' \
https://vuln.sentnl.io/api/query
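
The same request body can be generated from a software inventory instead of being written by hand. The following is an added example, not part of the original page or of Sentnl's own tooling: the helper names `parse_cpe` and `build_batch` are hypothetical, and the CPE strings are the ones shown in the query above.

```python
import json

# CPE 2.3 formatted-string attributes, in order, after the "cpe:2.3" prefix.
CPE_FIELDS = ("part", "vendor", "product", "version", "update", "edition",
              "language", "sw_edition", "target_sw", "target_hw", "other")

# Names that the page's query sets to 0 inside "query_filter".
ZEROED = ("access", "cwe", "vulnerable_configuration", "vulnerable_product")


def parse_cpe(cpe):
    """Split a CPE 2.3 string into named attributes; raise ValueError if malformed.

    Simplification: values containing an escaped colon (\\:) are not handled.
    """
    parts = cpe.split(":")
    if parts[:2] != ["cpe", "2.3"] or len(parts) != 2 + len(CPE_FIELDS):
        raise ValueError(f"not a 13-component CPE 2.3 string: {cpe!r}")
    fields = dict(zip(CPE_FIELDS, parts[2:]))
    if fields["part"] not in ("a", "o", "h"):
        raise ValueError(f"unknown part {fields['part']!r} in {cpe!r}")
    return fields


def build_batch(cpes, limit=10):
    """Return the JSON array body for /api/query, one sub-query per CPE."""
    batch = []
    for cpe in cpes:
        parse_cpe(cpe)  # catch a malformed filter before it is sent
        batch.append({
            "retrieve": "cves",
            "dict_filter": {"vulnerable_configuration": cpe},
            "limit": limit,
            "query_filter": {name: 0 for name in ZEROED},
        })
    return batch


# Inventory taken from the page: WordPress core plus one plugin.
INVENTORY = [
    "cpe:2.3:a:wordpress:wordpress:5.3.0:*:*:*:*:*:*:*",
    "cpe:2.3:a:woocommerce:upload_files:57.3:*:*:*:*:wordpress:*:*",
]

if __name__ == "__main__":
    # Pipe the output into: curl -X POST -H "Content-Type: application/json" -d @- <endpoint>
    print(json.dumps(build_batch(INVENTORY), indent=2))
```

`parse_cpe` also returns the named attributes, which makes it easy to confirm that a plugin CPE carries `wordpress` in `target_sw` and not in a neighbouring field.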

Last updated 3 years ago
