Home

Awesome

<div align="center"> <a href="https://github.com/topscoder/nuclei-wordfence-cve"> <img width="100" align=center src="https://user-images.githubusercontent.com/86197446/225912783-bb6c5fa9-ce45-488b-a1fd-5af705b7cced.jpg"> </a> <h1>Nuclei + Wordfence = ♥</h1> <h4><!-- START: __TOTAL_NUM_TEMPLATES -->47,371<!-- END: __TOTAL_NUM_TEMPLATES --> Nuclei Templates for WordPress Security Scanning 🥳</h4> <img src="https://img.shields.io/github/actions/workflow/status/topscoder/nuclei-wordfence-cve/test.yml?label=CI&logo=github&style=flat-square" height="20" alt="GitHub Workflow Status"> <img src="https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white&style=flat-square" height="20" alt="pre-commit"> <img src="https://img.shields.io/github/last-commit/topscoder/nuclei-wordfence-cve/main?style=flat-square&label=templates%20added" height="20" alt="Templates added"> </div>

Level up your WordPress security game! This project's got a treasure trove of fresh Nuclei templates for WordPress. Scan for weaknesses in Core, plugins, and themes – all based on the latest intel from Wordfence.com.

Here's why this is your new best friend:

If you're guarding a WordPress site, this project is your secret weapon to identify vulnerabilities before the bad guys do. Stop wasting time and secure your sites like a pro!


[!TIP] If you found this project helpful, please consider giving it a star on GitHub. Your support helps to make this project even better. 🌟

What's in it?!

<!-- START: __STATISTICS_TABLE -->
categorytotal
wp-plugins44,361
wp-themes2,260
wp-core743
other16
severitytotal
info7
low20,431
medium14,948
high8,358
critical3,626
<!-- END: __STATISTICS_TABLE -->

Installation

To install this nuclei-wordfence-cve repository for use with Nuclei, you can use the following commands:

export GITHUB_TEMPLATE_REPO=topscoder/nuclei-wordfence-cve
nuclei -update-templates

Usage

Once you have installed this template repo using the commands above, you can run the following command to scan for vulnerabilities using Nuclei:

nuclei -t github/topscoder/nuclei-wordfence-cve -u https://target.com

Examples

Here are some examples how to use the templates:

nuclei -t github/topscoder/nuclei-wordfence-cve -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -template-id cve-2023-32961 -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -severity critical -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-core -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-plugin -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-theme -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -tags wp-plugin,wp-theme -severity critical,high
nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_lower(name),'cross-site scripting') || contains(to_upper(name),'XSS')" -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_lower(name),'sql injection') || contains(to_lower(description),'sql injection')" -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_lower(name),'file inclusion') || contains(to_lower(description),'file inclusion')" -u https://target.com
nuclei -t github/topscoder/nuclei-wordfence-cve -template-condition "contains(to_upper(name),'CSRF') || contains(to_upper(description),'CSRF')" -u https://target.com

Contributing

If you would like to contribute to this project, please feel free to fork the repository and submit a pull request.

Protecting Customized Templates

To prevent accidental overwrites, you can mark templates you've manually customized with a comment at the end. Add the line # Enhanced as the last line of the template file.

License

This project is licensed under the MIT License.

Contact

If you have any questions or feedback, please feel free to contact the project maintainers.

~~ Please use it responsibly!