diff --git a/plugins/secrets-exposure.json b/plugins/secrets-exposure.json
new file mode 100644
index 0000000..df4b550
--- /dev/null
+++ b/plugins/secrets-exposure.json
@@ -0,0 +1,14 @@
+{
+    "name": "Kubernetes Secrets Exposure",
+    "protocol": "http",
+    "path": [
+        "/api/v1/secrets",
+        "/api/v1/secret"
+    ],
+    "detector": [
+        "kind\":\"SecretList"
+    ],
+    "platform": "on-premise/cloud",
+    "type": "core-component",
+    "severity": "vulnerability/misconfiguration"
+}