- Lexy:~/Área de Trabalho$ sudo wpscan -u https://homologacao.aacd.org.br/
- [sudo] senha para lexy:
- _______________________________________________________________
- __ _______ _____
- \ \ / / __ \ / ____|
- \ \ /\ / /| |__) | (___ ___ __ _ _ __ ®
- \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
- \ /\ / | | ____) | (__| (_| | | | |
- \/ \/ |_| |_____/ \___|\__,_|_| |_|
- WordPress Security Scanner by the WPScan Team
- Version 2.9.4
- Sponsored by Sucuri - https://sucuri.net
- @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_
- _______________________________________________________________
- [i] It seems like you have not updated the database for some time
- [i] Last database update: 2018-12-28
- [?] Do you want to update now? [Y]es [N]o [A]bort update, default: [N] > n
- [+] URL: https://homologacao.aacd.org.br/
- [+] Started: Tue May 21 14:52:39 2019
- [+] Interesting header: LINK: <https://homologacao.aacd.org.br/index.php?rest_route=/>; rel="https://api.w.org/"
- [+] Interesting header: SERVER: Apache/2.2.22 (Debian)
- [+] Interesting header: X-POWERED-BY: PHP/5.4.45-0+deb7u14
- [+] robots.txt available under: https://homologacao.aacd.org.br/robots.txt [HTTP 200]
- [+] Interesting entry from robots.txt: Sitemap: https://aacd.org.br/sitemap.xml [HTTP 0]
- [+] Sitemap found: https://homologacao.aacd.org.br/robots.txt [HTTP 200]
- [+] Sitemap entry: https://aacd.org.br/sitemap.xml [HTTP 200]
- [+] XML-RPC Interface available under: https://homologacao.aacd.org.br/xmlrpc.php [HTTP 405]
- [!] Upload directory has directory listing enabled: https://homologacao.aacd.org.br/wp-content/uploads/
- [!] Includes directory has directory listing enabled: https://homologacao.aacd.org.br/wp-includes/
- [+] Enumerating WordPress version ...
- [+] WordPress version 4.9.8 (Released on 2018-08-02) identified from advanced fingerprinting
- [!] 7 vulnerabilities identified from the version number
- [!] Title: WordPress <= 5.0 - Authenticated File Delete
- Reference: https://wpvulndb.com/vulnerabilities/9169
- Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20147
- [i] Fixed in: 5.0.1
- [!] Title: WordPress <= 5.0 - Authenticated Post Type Bypass
- Reference: https://wpvulndb.com/vulnerabilities/9170
- Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- Reference: https://blog.ripstech.com/2018/wordpress-post-type-privilege-escalation/
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20152
- [i] Fixed in: 5.0.1
- [!] Title: WordPress <= 5.0 - PHP Object Injection via Meta Data
- Reference: https://wpvulndb.com/vulnerabilities/9171
- Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20148
- [i] Fixed in: 5.0.1
- [!] Title: WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS)
- Reference: https://wpvulndb.com/vulnerabilities/9172
- Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20153
- [i] Fixed in: 5.0.1
- [!] Title: WordPress <= 5.0 - Cross-Site Scripting (XSS) that could affect plugins
- Reference: https://wpvulndb.com/vulnerabilities/9173
- Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- Reference: https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20150
- [i] Fixed in: 5.0.1
- [!] Title: WordPress <= 5.0 - User Activation Screen Search Engine Indexing
- Reference: https://wpvulndb.com/vulnerabilities/9174
- Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20151
- [i] Fixed in: 5.0.1
- [!] Title: WordPress <= 5.0 - File Upload to XSS on Apache Web Servers
- Reference: https://wpvulndb.com/vulnerabilities/9175
- Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- Reference: https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20149
- [i] Fixed in: 5.0.1
- [+] WordPress theme in use: newaacd - v1.0
- [+] Name: newaacd - v1.0
- | Location: https://homologacao.aacd.org.br/wp-content/themes/newaacd/
- | Style URL: https://homologacao.aacd.org.br/wp-content/themes/newaacd/style.css
- | Theme Name: AACD
- | Theme URI: http://yeahdigital.com.br
- | Description: Tema para o cliente AACD
- | Author: George Rodrigues (facebook.com/georgeesrodrigues)
- | Author URI: https://www.facebook.com/georgeesrodrigues
- [+] Enumerating plugins from passive detection ...
- | 7 plugins found:
- [+] Name: advanced-iframe - v7.1.3
- | Last updated: 2018-12-16T23:40:00.000Z
- | Location: https://homologacao.aacd.org.br/wp-content/plugins/advanced-iframe/
- | Readme: https://homologacao.aacd.org.br/wp-content/plugins/advanced-iframe/readme.txt
- [!] The version is out of date, the latest version is 7.6
- [+] Name: contact-form-7 - v4.5
- | Last updated: 2018-12-18T18:05:00.000Z
- | Location: https://homologacao.aacd.org.br/wp-content/plugins/contact-form-7/
- | Readme: https://homologacao.aacd.org.br/wp-content/plugins/contact-form-7/readme.txt
- [!] The version is out of date, the latest version is 5.1.1
- [!] Directory listing is enabled: https://homologacao.aacd.org.br/wp-content/plugins/contact-form-7/
- [!] Title: Contact Form 7 <= 5.0.3 - register_post_type() Privilege Escalation
- Reference: https://wpvulndb.com/vulnerabilities/9127
- Reference: https://contactform7.com/2018/09/04/contact-form-7-504/
- Reference: https://plugins.trac.wordpress.org/changeset/1935726/contact-form-7
- Reference: https://plugins.trac.wordpress.org/changeset/1934594/contact-form-7
- Reference: https://plugins.trac.wordpress.org/changeset/1934343/contact-form-7
- Reference: https://plugins.trac.wordpress.org/changeset/1934327/contact-form-7
- Reference: https://www.ripstech.com/php-security-calendar-2018/#day-18
- [i] Fixed in: 5.0.4
- [+] Name: flickr-album-gallery - v1.5.4.2
- | Last updated: 2018-12-24T11:08:00.000Z
- | Location: https://homologacao.aacd.org.br/wp-content/plugins/flickr-album-gallery/
- | Readme: https://homologacao.aacd.org.br/wp-content/plugins/flickr-album-gallery/readme.txt
- [!] The version is out of date, the latest version is 1.9.7
- [!] Directory listing is enabled: https://homologacao.aacd.org.br/wp-content/plugins/flickr-album-gallery/
- [+] Name: wpgform - v0.86
- | Last updated: 2018-08-05T16:08:00.000Z
- | Location: https://homologacao.aacd.org.br/wp-content/plugins/wpgform/
- | Readme: https://homologacao.aacd.org.br/wp-content/plugins/wpgform/readme.txt
- [!] The version is out of date, the latest version is 0.95
- [!] Title: Google Forms 0.84-0.87 - Unauthenticated PHP Object Injection
- Reference: https://wpvulndb.com/vulnerabilities/8726
- Reference: https://sumofpwn.nl/advisory/2016/google_forms_wordpress_plugin_unauthenticated_php_object_injection_vulnerability.html
- Reference: http://seclists.org/fulldisclosure/2017/Jan/70
- [i] Fixed in: 0.91
- [!] Title: Google Forms <= 0.91 - Unauthenticated Server-Side Request Forgery (SSRF)
- Reference: https://wpvulndb.com/vulnerabilities/9013
- Reference: https://klikki.fi/adv/wpgform.html
- Reference: https://plugins.trac.wordpress.org/changeset/1796931/wpgform
- [i] Fixed in: 0.92
- [+] Name: youtube-embed-plus - v11.4
- | Last updated: 2018-12-10T05:17:00.000Z
- | Location: https://homologacao.aacd.org.br/wp-content/plugins/youtube-embed-plus/
- | Readme: https://homologacao.aacd.org.br/wp-content/plugins/youtube-embed-plus/readme.txt
- [!] The version is out of date, the latest version is 13.0
- [!] Title: YouTube Embed <= 11.8.1 - Cross-Site Request Forgery (CSRF)
- Reference: https://wpvulndb.com/vulnerabilities/8873
- Reference: https://security.dxw.com/advisories/csrf-in-youtube-plugin/
- Reference: http://seclists.org/fulldisclosure/2017/Jul/64
- [i] Fixed in: 11.8.2
- [+] Name: w3-total-cache - v0.9.4.1
- | Last updated: 2018-04-25T21:31:00.000Z
- | Location: https://homologacao.aacd.org.br/wp-content/plugins/w3-total-cache/
- | Readme: https://homologacao.aacd.org.br/wp-content/plugins/w3-total-cache/readme.txt
- | Changelog: https://homologacao.aacd.org.br/wp-content/plugins/w3-total-cache/changelog.txt
- [!] The version is out of date, the latest version is 0.9.7
- [!] Title: W3 Total Cache <= 0.9.4.1 - Authenticated Reflected Cross-Site Scripting (XSS)
- Reference: https://wpvulndb.com/vulnerabilities/8625
- Reference: https://blog.zerial.org/seguridad/vulnerabilidad-cross-site-scripting-en-wordpress-w3-total-cache/
- Reference: http://seclists.org/fulldisclosure/2016/Sep/52
- Reference: https://sumofpwn.nl/advisory/2016/reflected_cross_site_scripting_vulnerability_in_w3_total_cache_plugin.html
- Reference: http://seclists.org/fulldisclosure/2016/Nov/63
- [i] Fixed in: 0.9.5
- [!] Title: W3 Total Cache <= 0.9.4.1 – Unauthenticated Security Token Bypass
- Reference: https://wpvulndb.com/vulnerabilities/8626
- Reference: https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
- [i] Fixed in: 0.9.5
- [!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Upload
- Reference: https://wpvulndb.com/vulnerabilities/8627
- Reference: https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
- [i] Fixed in: 0.9.5
- [!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Download
- Reference: https://wpvulndb.com/vulnerabilities/8628
- Reference: https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
- [i] Fixed in: 0.9.5
- [!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary PHP Code Execution
- Reference: https://wpvulndb.com/vulnerabilities/8629
- Reference: https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
- [i] Fixed in: 0.9.5
- [!] Title: W3 Total Cache <= 0.9.4 - Unauthenticated Server Side Request Forgery (SSRF)
- Reference: https://wpvulndb.com/vulnerabilities/8644
- Reference: https://klikki.fi/adv/w3_total_cache.html
- [i] Fixed in: 0.9.5
- [!] Title: W3 Total Cache <= 0.9.4.1 - Weak Validation of Amazon SNS Push Messages
- Reference: https://wpvulndb.com/vulnerabilities/8654
- Reference: https://sumofpwn.nl/advisory/2016/weak_validation_of_amazon_sns_push_messages_in_w3_total_cache_wordpress_plugin.html
- Reference: http://seclists.org/fulldisclosure/2016/Nov/61
- [i] Fixed in: 0.9.5
- [!] Title: W3 Total Cache <= 0.9.4.1 - Information Disclosure Race Condition
- Reference: https://wpvulndb.com/vulnerabilities/8655
- Reference: https://sumofpwn.nl/advisory/2016/information_disclosure_race_condition_in_w3_total_cache_wordpress_plugin.html
- Reference: http://seclists.org/fulldisclosure/2016/Nov/62
- [i] Fixed in: 0.9.5
- [+] Name: wordpress-seo - v3.5
- | Last updated: 2018-12-18T09:25:00.000Z
- | Location: https://homologacao.aacd.org.br/wp-content/plugins/wordpress-seo/
- | Readme: https://homologacao.aacd.org.br/wp-content/plugins/wordpress-seo/readme.txt
- [!] The version is out of date, the latest version is 9.3
- [!] Title: Yoast SEO <= 5.7.1 - Authenticated Cross-Site Scripting (XSS)
- Reference: https://wpvulndb.com/vulnerabilities/8960
- Reference: https://plugins.trac.wordpress.org/changeset/1766831/wordpress-seo/trunk/admin/google_search_console/class-gsc-table.php
- Reference: https://packetstormsecurity.com/files/145080/WordPress-Yoast-SEO-Cross-Site-Scripting.html
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16842
- [i] Fixed in: 5.8
- [!] Title: Yoast SEO <= 9.1 - Authenticated Race Condition
- Reference: https://wpvulndb.com/vulnerabilities/9150
- Reference: https://plugins.trac.wordpress.org/changeset/1977260/wordpress-seo
- Reference: https://www.youtube.com/watch?v=nL141dcDGCY
- Reference: http://packetstormsecurity.com/files/150497/
- Reference: https://github.com/Yoast/wordpress-seo/pull/11502/commits/3bfa70a143f5ea3ee1934f3a1703bb5caf139ffa
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19370
- [i] Fixed in: 9.2