Modified http/cves/2023/CVE-2023-32243.yaml for better detection

[bob-the-builder-v]

Template / PR Information

The earlier version of the template had only one method for username detection, in case it didn't work the template said the endpoint is not vulnerable.

In reality, there are multiple methods like RSS feeds, Yoast Sitemap, etc to get usernames.

So, the proper approach here would be to find if the plugin "essential-addons-for-elementor-lite" is installed and then check if: "5.4.0" <= version <= "5.7.1":

• Updated CVE-2023-32243
• References: https://github.com/RandomRobbieBF/CVE-2023-32243/blob/main/exploit.py

Template Validation

I've validated this template locally?

• YES
• NO

Additional Details (leave it blank if not applicable)

Additional References:

• Nuclei Template Creation Guideline
• Nuclei Template Matcher Guideline
• Nuclei Template Contribution Guideline
• PD-Community Discord server

[DhiyaneshGeek]

Hi @bob-the-builder-v i have added the possible username enumeration endpoints

such as /wp-json/wp/v2/users/, /?rest_route=/wp/v2/users, /feed/, /author-sitemap.xml

i observed that sometimes nonce are not generated in the first request, found wp-login.php mostly contained nonce value by default

Thank you so much for pointing out the missing endpoint, appreciate it 😄

You can join our discord server. It’s a great place to connect with fellow contributors and stay updated with the latest developments. Thank you once again