From 4e6cabb33133c2b943907d67ced6f95b762f2b18 Mon Sep 17 00:00:00 2001
From: Sam Stepanyan
Date: Wed, 18 Sep 2024 08:46:23 +0100
Subject: [PATCH 1/2] Updated wp_plugin.yaml Minor improvements - added plugin version to regex and fixed overlooked previously copy-pasted text from another module
Signed-off-by: Sam Stepanyan
---
 nettacker/modules/scan/wp_plugin.yaml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/nettacker/modules/scan/wp_plugin.yaml b/nettacker/modules/scan/wp_plugin.yaml
index 034350303..9430450b3 100644
--- a/nettacker/modules/scan/wp_plugin.yaml
+++ b/nettacker/modules/scan/wp_plugin.yaml
@@ -1,13 +1,12 @@
 info:
- name: wordpress_version_scan
+ name: wp_plugin_scan
 author: OWASP Nettacker Team
 severity: 3
- description: Directory, Backup finder
+ description: WordPress plugin finder. Uses wordlists/wp_plugin_small.txt which lists plugins with previously known vulnerabilities
 reference:
 profiles:
 - scan
 - http
- backup
 - low_severity
 - wp
 - wordpress
@@ -44,6 +43,9 @@ payloads:
 content:
 regex: "Tags:"
 reverse: false
+ content:
+ regex: Stable\stag:\s(\d+.\d+.\d+)
+ reverse: false
 status_code:
 regex: "200"
 reverse: false
From b62c0379007e626f300dc0350b42cd2b89d098a4 Mon Sep 17 00:00:00 2001
From: Sam Stepanyan
Date: Wed, 18 Sep 2024 09:06:58 +0100
Subject: [PATCH 2/2] Update wp_plugin.yaml yaml update
Signed-off-by: Sam Stepanyan
---
 nettacker/modules/scan/wp_plugin.yaml | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)
diff --git a/nettacker/modules/scan/wp_plugin.yaml b/nettacker/modules/scan/wp_plugin.yaml
index 9430450b3..ccb55b286 100644
--- a/nettacker/modules/scan/wp_plugin.yaml
+++ b/nettacker/modules/scan/wp_plugin.yaml
@@ -1,16 +1,16 @@
 info:
- name: wp_plugin_scan
+ name: wordpress_version_scan
 author: OWASP Nettacker Team
 severity: 3
- description: WordPress plugin finder. Uses wordlists/wp_plugin_small.txt which lists plugins with previously known vulnerabilities
+ description: Directory, Backup finder
 reference:
 profiles:
 - scan
 - http
+ - backup
 - low_severity
 - wp
 - wordpress
-
 payloads:
 - library: http
 steps:
@@ -35,17 +35,13 @@ payloads:
 - 443
 #We are using small txt file. Work need to be done for handling user input based format files
 paths:
- read_from_file: wordlists/wp_plugin_small.txt
-
+ read_from_file: wordlists/wp_plugin_small.txt
 response:
 condition_type: and
 conditions:
 content:
- regex: "Tags:"
+ regex: Stable\stag:\s(\d+\.\d+\.\d+)
 reverse: false
- content:
- regex: Stable\stag:\s(\d+.\d+.\d+)
- reverse: false
 status_code:
 regex: "200"
 reverse: false
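Review bot: The `info` block in the `@@ -1,16 +1,16 @@` hunk goes back to `name: wordpress_version_scan`, `description: Directory, Backup finder` and the `- backup` profile, which undoes the metadata correction that patch 1/2 describes as fixing copy-pasted text from another module. Patch 2/2 is described only as a yaml update, so the reversal looks unintentional. With these values the plugin check would presumably be reported under the WordPress version module's name, and selecting the `backup` profile would also run the plugin wordlist against the target. I would keep `name: wp_plugin_scan` and the plugin-finder description, and leave `- backup` out of `profiles`.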
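Review bot: The new `content` regex in the `@@ -35,17 +35,13 @@` hunk accepts only a three-part numeric version, so a readme whose header is `Stable tag: trunk` or `Stable tag: 4.3` fails the `and` condition and that plugin is silently not reported; the `"Tags:"` check it replaces did not have this gap. For a module whose wordlist targets plugins with known vulnerabilities, a missed detection is the costly direction. Consider `regex: 'Stable\stag:\s*(\d+(?:\.\d+)*|trunk)'`, single-quoted so it matches the quoting of the other regex values and keeps the backslashes literal. The enclosing step definition starts above this hunk, so how the captured version is consumed is not visible here.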