Home

Awesome

Nuclei template generator for WordPress plugins

🛠 Template Validate ❄️ YAML Lint ✨ Update WordPress Plugin Templates

This is a simple script to scrape plugins from the WordPress website and then use to generate Nuclei templates.

image

Downloading templates

With Nuclei

You can consume these Nuclei templates directly from GitHub. Define the environment variable GITHUB_TEMPLATE_REPO like this:

export GITHUB_TEMPLATE_REPO=ricardomaia/nuclei-template-generator-for-wordpress-plugins

Update templates

$ nuclei -ut
                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v2.8.1

                projectdiscovery.io

[INF] ricardomaia/nuclei-template-generator-for-wordpress-plugins: already up-to-date
[INF] No new updates found for nuclei templates

Using the templates

nuclei -t github/nuclei-template-generator-for-wordpress-plugins/technologies/wordpress/plugins -u https://www.example.com

Cloning this Repo

$ git clone https://github.com/ricardomaia/nuclei-template-generator-for-wordpress-plugins.git
cd nuclei-template-generator-for-wordpress-plugin

With this option, you would run the templates as in the following examples.

Run templates

One target

nuclei -t technologies/wordpress/plugins -u https://www.example.com

One target & only TOP 100

nuclei -ud ./nuclei-templates -t technologies/wordpress/plugins -tags top-100 -u https://www.example.com

Multiple targets

nuclei -ud ./nuclei-templates -t technologies/wordpress -l list_of_targets.txt

image

Generate or update templates

(Windows)

docker compose up -d

(Linux)

docker-compose up -d

Filtering JSON results

To get only outdated plugins.

jq -r "select(.[\"matcher-name\"] != null) | .host, .info.metadata.plugin_namespace, .[\"extracted-results\"][], .[\"matcher-name\"], \"\n\" " < report.json