API tools faq
paste
Advertisement
Guest User

sexmasterka.com wpscan

a guest
Jul 21st, 2016
8,884
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.55 KB | None | 0 0
raw download clone embed print report
  1. [+] URL: http://sexmasterka.com/
  2. [+] Started: Thu Jul 21 12:27:16 2016
  3.  
  4. [+] Interesting header: SERVER: LiteSpeed
  5.  
  6. [+] WordPress version 4.5.3 (Released on 2016-06-21) identified from meta generator, advanced fingerprinting, links opml
  7.  
  8. [+] WordPress theme in use: sexmasterka - v1.1
  9.  
  10. [+] Name: sexmasterka - v1.1
  11. | Location: http://sexmasterka.com/wp-content/themes/sexmasterka/
  12. | Style URL: http://sexmasterka.com/wp-content/themes/sexmasterka/style.css
  13. | Theme Name: SEXMASTERKA
  14. | Theme URI: http://eatnet.pl
  15. | Description: Motyw przygotowany dla SEXMASTERKA
  16. | Author: EATNET
  17. | Author URI: http://eatnet.pl
  18.  
  19. [+] Detected parent theme: Divi - v2.7.5
  20.  
  21. [+] Name: Divi - v2.7.5
  22. | Location: http://sexmasterka.com/wp-content/themes/Divi/
  23. | Changelog: http://sexmasterka.com/wp-content/themes/Divi/changelog.txt
  24. | Style URL: http://sexmasterka.com/wp-content/themes/Divi/style.css
  25. | Theme Name: Divi
  26. | Theme URI: http://www.elegantthemes.com/gallery/divi/
  27. | Description: Smart. Flexible. Beautiful. Divi is the most powerful theme inour collection.
  28. | Author: Elegant Themes
  29. | Author URI: http://www.elegantthemes.com
  30.  
  31. [+] Enumerating plugins from passive detection ...
  32. | 3 plugins found:
  33.  
  34. [+] Name: bwp-minify
  35. | Latest version: 1.3.3
  36. | Location: http://sexmasterka.com/wp-content/plugins/bwp-minify/
  37.  
  38. [+] Name: easy-digital-downloads
  39. | Latest version: 2.6.4
  40. | Location: http://sexmasterka.com/wp-content/plugins/easy-digital-downloads/
  41.  
  42. [!] We could not determine a version so all vulnerabilities are printed out
  43.  
  44. [!] Title: Easy Digital Downloads <= 2.5.7 - PHP Object Injection
  45. Reference: https://wpvulndb.com/vulnerabilities/8404
  46. Reference: https://github.com/easydigitaldownloads/Easy-Digital-Downloads/commit/7e83d2737b430c76f515b5433ee067fa5e6b1d4f
  47. [i] Fixed in: 2.5.8
  48.  
  49. [+] Name: wp-super-cache
  50. | Latest version: 1.4.8
  51. | Location: http://sexmasterka.com/wp-content/plugins/wp-super-cache/
  52.  
  53. [!] We could not determine a version so all vulnerabilities are printed out
  54.  
  55. [!] Title: WP-Super-Cache 1.3 - Remote Code Execution
  56. Reference: https://wpvulndb.com/vulnerabilities/6623
  57. Reference: http://www.acunetix.com/blog/web-security-zone/wp-plugins-remote-code-execution/
  58. Reference: http://wordpress.org/support/topic/pwn3d
  59. Reference: http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html
  60. [i] Fixed in: 1.3.1
  61.  
  62. [!] Title: WP Super Cache 1.3 - trunk/wp-cache.php wp_nonce_url Function URI XSS
  63.  
  64. Reference: https://wpvulndb.com/vulnerabilities/6624
  65. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
  66. [i] Fixed in: 1.3.1
  67.  
  68. [!] Title: WP Super Cache 1.3 - trunk/plugins/wptouch.php URI XSS
  69. Reference: https://wpvulndb.com/vulnerabilities/6625
  70. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
  71. [i] Fixed in: 1.3.1
  72.  
  73. [!] Title: WP Super Cache 1.3 - trunk/plugins/searchengine.php URI XSS
  74. Reference: https://wpvulndb.com/vulnerabilities/6626
  75. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
  76. [i] Fixed in: 1.3.1
  77.  
  78. [!] Title: WP Super Cache 1.3 - trunk/plugins/domain-mapping.php URI XSS
  79. Reference: https://wpvulndb.com/vulnerabilities/6627
  80. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
  81. [i] Fixed in: 1.3.1
  82.  
  83. [!] Title: WP Super Cache 1.3 - trunk/plugins/badbehaviour.php URI XSS
  84. Reference: https://wpvulndb.com/vulnerabilities/6628
  85. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
  86. [i] Fixed in: 1.3.1
  87.  
  88. [!] Title: WP Super Cache 1.3 - trunk/plugins/awaitingmoderation.php URI XSS
  89. Reference: https://wpvulndb.com/vulnerabilities/6629
  90. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2008
  91. [i] Fixed in: 1.3.1
  92.  
  93. [!] Title: WP Super Cache <= 1.4.2 - Persistent Cross-Site Scripting (XSS)
  94. Reference: https://wpvulndb.com/vulnerabilities/7889
  95. Reference: http://blog.sucuri.net/2015/04/security-advisory-persistent-xss-in-wp-super-cache.html
  96. [i] Fixed in: 1.4.3
  97.  
  98. [!] Title: WP Super Cache <= 1.4.4 - Cross-Site Scripting (XSS)
  99. Reference: https://wpvulndb.com/vulnerabilities/8197
  100. Reference: http://z9.io/2015/09/25/wp-super-cache-1-4-5/
  101. [i] Fixed in: 1.4.5
  102.  
  103. [!] Title: WP Super Cache <= 1.4.4 - PHP Object Injection
  104. Reference: https://wpvulndb.com/vulnerabilities/8198
  105. Reference: http://z9.io/2015/09/25/wp-super-cache-1-4-5/
  106. [i] Fixed in: 1.4.5
  107.  
  108. [+] Finished: Thu Jul 21 12:27:58 2016
  109. [+] Requests Done: 89
  110. [+] Elapsed time: 00:00:42
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!