Exploit modules in WordPress Exploit Framework often have a name which is similar to what is recorded in the WPScan Vulnerability Database, but not exactly the same.
The name in the module is Creative Contact Form Shell Upload whereas the name in the WPScan Vulnerability Database is Creative Contact Form <= 0.9.7 Shell Upload. This makes searching by name difficult...
Every vulnerability recorded in the WPScan Vulnerability Database has a unique ID. The author of module in my example has included the ID under references:
So what I'm proposing is the ability to search WordPress Exploit Framework using the WPScan Vulnerability Database ID (WPVDB ID).
Searching by ID has several advantages, such as:
IDs are immutable (they should never change) whereas a title might change, for example if a vulnerability is submitted with a typo/spelling mistake.
If a vulnerability includes punctuation in the name such as a hyphen, it is easy for this to be reproduced incorrectly (‒, –, —, ―). There's no such ambiguity with a numeric ID.
If in the future the WPScan Vulnerability Database decides to support multiple languages, the ID remains consistent across languages.
Exploit modules in WordPress Exploit Framework often have a name which is similar to what is recorded in the WPScan Vulnerability Database, but not exactly the same.
Here is an example: https://github.com/rastating/wordpress-exploit-framework/blob/44621065a15128c67d28bcfa919d6203a4d1a7cb/lib/wpxf/modules/exploit/shell/creative_contact_form_shell_upload.rb#L3-L25
The name in the module is
Creative Contact Form Shell Upload
whereas the name in the WPScan Vulnerability Database isCreative Contact Form <= 0.9.7 Shell Upload
. This makes searching by name difficult...Every vulnerability recorded in the WPScan Vulnerability Database has a unique ID. The author of module in my example has included the ID under
references
:So what I'm proposing is the ability to search WordPress Exploit Framework using the WPScan Vulnerability Database ID (WPVDB ID).
Searching by ID has several advantages, such as: