
feat(cve-2016-15043): Add template for WP Mobile Detector file read #5

Merged
DanLika merged 1 commit into main from DanLika-feat/cve-2016-15043-wp-mobile-detector
Jan 2, 2026

Conversation

@DanLika (Owner) commented Jan 2, 2026

/claim projectdiscovery#14673

This PR adds a Nuclei template for CVE-2016-15043, a critical unrestricted file upload vulnerability in the WP Mobile Detector WordPress plugin, which is also listed in the CISA KEV catalog.

Rationale/Logic

The vulnerability exists in the resize.php file, which fetches content from a user-supplied src parameter and saves it to the cache/ directory. While the intended exploit leads to RCE via an external URL, this template uses a more reliable, self-contained method to demonstrate critical impact.

The template leverages the vulnerability for Arbitrary File Read by:

  1. Sending a request to resize.php with src pointing to the local wp-config.php file (../../../wp-config.php).
  2. This action causes the plugin to copy the contents of wp-config.php into a publicly accessible file at /wp-content/plugins/wp-mobile-detector/cache/wp-config.php.
  3. A second request retrieves this newly created file.

The matchers confirm the vulnerability by verifying the presence of database credential definitions (DB_NAME, DB_USER, DB_PASSWORD) in the response. This approach provides a complete and high-impact Proof-of-Concept without relying on external collaborators.

References

Template Validation

  • The template has been validated with nuclei -validate.

Added details about CVE-2016-15043, including vulnerability information, references, and request examples.

D3nverNg commented Jan 2, 2026

Bruh bro, if you’re aiming for a bounty, at least write your own template instead of recycling mine 🐧
[Screenshot 2026-01-02 091322]

@DanLika DanLika merged commit e2d5a34 into main Jan 2, 2026
@DanLika DanLika deleted the DanLika-feat/cve-2016-15043-wp-mobile-detector branch January 2, 2026 08:35
@DanLika DanLika restored the DanLika-feat/cve-2016-15043-wp-mobile-detector branch January 2, 2026 08:35