From fdfb2d079f413e1dafc20626fbc7935febccb721 Mon Sep 17 00:00:00 2001 From: Dustin Born Date: Fri, 9 Aug 2024 19:09:20 +0200 Subject: [PATCH] Add exploit to fix test case --- tests/test_exploit_completeness.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/test_exploit_completeness.py b/tests/test_exploit_completeness.py index 190517c..640bd36 100755 --- a/tests/test_exploit_completeness.py +++ b/tests/test_exploit_completeness.py @@ -14,7 +14,7 @@ def test_search_wp_572(self): self.maxDiff = None query = 'cpe:2.3:a:wordpress:wordpress:5.7.2:*:*:*:*:*:*:*' result = search_vulns.search_vulns(query=query, add_other_exploit_refs=True, is_good_cpe=True) - expected_exploits = ['https://www.exploit-db.com/exploits/50663', 'http://packetstormsecurity.com/files/165540/WordPress-Core-5.8.2-SQL-Injection.html', 'https://github.com/0x4E0x650x6F/Wordpress-cve-CVE-2022-21661', 'https://github.com/safe3s/CVE-2022-21661', 'https://github.com/TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection', 'https://github.com/WellingtonEspindula/SSI-CVE-2022-21661', 'https://github.com/daniel616/CVE-2022-21661-Demo', 'https://github.com/purple-WL/wordpress-CVE-2022-21661', 'https://github.com/sealldeveloper/CVE-2022-21661-PoC', 'https://github.com/z92g/CVE-2022-21661', 'https://www.exploit-db.com/exploits/38936', 'http://www.securityfocus.com/bid/64587', 'https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/', 'http://plugins.trac.wordpress.org/changeset/490070/my-calendar', 'http://plugins.trac.wordpress.org/changeset/435356/scormcloud', 'https://blog.sonarsource.com/wordpress-object-injection-vulnerability/', 'http://plugins.trac.wordpress.org/changeset?old_path=%2Fbad-behavior&old=543807&new_path=%2Fbad-behavior&new=543807', 'https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/', 'https://github.com/hxlxmjxbbxs/CVE-2022-3590-WordPress-Vulnerability-Scanner', 'https://wpscan.com/blog/email-leak-oracle-vulnerability-addressed-in-wordpress-6-3-2/', 'https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve', 'https://github.com/guestzz/CVE-2022-21661', 'https://github.com/pog007/CVE-2023-5561-PoC', 'https://github.com/p4ncontomat3/CVE-2022-21661', 'https://github.com/CharonDefalt/WordPress--CVE-2022-21661', 'https://github.com/michael-david-fry/CVE-2023-22622'] + expected_exploits = ['https://www.exploit-db.com/exploits/50663', 'http://packetstormsecurity.com/files/165540/WordPress-Core-5.8.2-SQL-Injection.html', 'https://github.com/0x4E0x650x6F/Wordpress-cve-CVE-2022-21661', 'https://github.com/safe3s/CVE-2022-21661', 'https://github.com/TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection', 'https://github.com/WellingtonEspindula/SSI-CVE-2022-21661', 'https://github.com/daniel616/CVE-2022-21661-Demo', 'https://github.com/purple-WL/wordpress-CVE-2022-21661', 'https://github.com/sealldeveloper/CVE-2022-21661-PoC', 'https://github.com/z92g/CVE-2022-21661', 'https://www.exploit-db.com/exploits/38936', 'http://www.securityfocus.com/bid/64587', 'https://vavkamil.cz/2021/11/25/wordpress-plugin-confusion-update-can-get-you-pwned/', 'http://plugins.trac.wordpress.org/changeset/490070/my-calendar', 'http://plugins.trac.wordpress.org/changeset/435356/scormcloud', 'https://blog.sonarsource.com/wordpress-object-injection-vulnerability/', 'http://plugins.trac.wordpress.org/changeset?old_path=%2Fbad-behavior&old=543807&new_path=%2Fbad-behavior&new=543807', 'https://blog.sonarsource.com/wordpress-core-unauthenticated-blind-ssrf/', 'https://github.com/hxlxmjxbbxs/CVE-2022-3590-WordPress-Vulnerability-Scanner', 'https://wpscan.com/blog/email-leak-oracle-vulnerability-addressed-in-wordpress-6-3-2/', 'https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve', 'https://github.com/guestzz/CVE-2022-21661', 'https://github.com/pog007/CVE-2023-5561-PoC', 'https://github.com/p4ncontomat3/CVE-2022-21661', 'https://github.com/CharonDefalt/WordPress--CVE-2022-21661', 'https://github.com/michael-david-fry/CVE-2023-22622', 'https://github.com/huynhvanphuc/CVE-2022-3590-WordPress-Vulnerability-Scanner'] result_exploits = [] for cve in result[query]['vulns']: data = result[query]['vulns'].get(cve)