Untitled

a guest
May 21st, 2019
Lexy:~/Área de Trabalho$ sudo wpscan -u https://homologacao.aacd.org.br/
[sudo] senha para lexy:
_______________________________________________________________
        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|

        WordPress Security Scanner by the WPScan Team
                       Version 2.9.4
          Sponsored by Sucuri - https://sucuri.net
   @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_
_______________________________________________________________


[i] It seems like you have not updated the database for some time
[i] Last database update: 2018-12-28
[?] Do you want to update now? [Y]es [N]o [A]bort update, default: [N] > n
[+] URL: https://homologacao.aacd.org.br/
[+] Started: Tue May 21 14:52:39 2019

[+] Interesting header: LINK: <https://homologacao.aacd.org.br/index.php?rest_route=/>; rel="https://api.w.org/"
[+] Interesting header: SERVER: Apache/2.2.22 (Debian)
[+] Interesting header: X-POWERED-BY: PHP/5.4.45-0+deb7u14
[+] robots.txt available under: https://homologacao.aacd.org.br/robots.txt [HTTP 200]
[+] Interesting entry from robots.txt: Sitemap: https://aacd.org.br/sitemap.xml [HTTP 0]
[+] Sitemap found: https://homologacao.aacd.org.br/robots.txt [HTTP 200]
[+] Sitemap entry: https://aacd.org.br/sitemap.xml [HTTP 200]
[+] XML-RPC Interface available under: https://homologacao.aacd.org.br/xmlrpc.php [HTTP 405]
[!] Upload directory has directory listing enabled: https://homologacao.aacd.org.br/wp-content/uploads/
[!] Includes directory has directory listing enabled: https://homologacao.aacd.org.br/wp-includes/

[+] Enumerating WordPress version ...

[+] WordPress version 4.9.8 (Released on 2018-08-02) identified from advanced fingerprinting
[!] 7 vulnerabilities identified from the version number

[!] Title: WordPress <= 5.0 - Authenticated File Delete
Reference: https://wpvulndb.com/vulnerabilities/9169
Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20147
[i] Fixed in: 5.0.1

[!] Title: WordPress <= 5.0 - Authenticated Post Type Bypass
Reference: https://wpvulndb.com/vulnerabilities/9170
Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
Reference: https://blog.ripstech.com/2018/wordpress-post-type-privilege-escalation/
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20152
[i] Fixed in: 5.0.1

[!] Title: WordPress <= 5.0 - PHP Object Injection via Meta Data
Reference: https://wpvulndb.com/vulnerabilities/9171
Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20148
[i] Fixed in: 5.0.1

[!] Title: WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS)
Reference: https://wpvulndb.com/vulnerabilities/9172
Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20153
[i] Fixed in: 5.0.1

[!] Title: WordPress <= 5.0 - Cross-Site Scripting (XSS) that could affect plugins
Reference: https://wpvulndb.com/vulnerabilities/9173
Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
Reference: https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20150
[i] Fixed in: 5.0.1

[!] Title: WordPress <= 5.0 - User Activation Screen Search Engine Indexing
Reference: https://wpvulndb.com/vulnerabilities/9174
Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20151
[i] Fixed in: 5.0.1

[!] Title: WordPress <= 5.0 - File Upload to XSS on Apache Web Servers
Reference: https://wpvulndb.com/vulnerabilities/9175
Reference: https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
Reference: https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20149
[i] Fixed in: 5.0.1

[+] WordPress theme in use: newaacd - v1.0

[+] Name: newaacd - v1.0
| Location: https://homologacao.aacd.org.br/wp-content/themes/newaacd/
| Style URL: https://homologacao.aacd.org.br/wp-content/themes/newaacd/style.css
| Theme Name: AACD
| Theme URI: http://yeahdigital.com.br
| Description: Tema para o cliente AACD
| Author: George Rodrigues (facebook.com/georgeesrodrigues)
| Author URI: https://www.facebook.com/georgeesrodrigues

[+] Enumerating plugins from passive detection ...
| 7 plugins found:

[+] Name: advanced-iframe - v7.1.3
| Last updated: 2018-12-16T23:40:00.000Z
| Location: https://homologacao.aacd.org.br/wp-content/plugins/advanced-iframe/
| Readme: https://homologacao.aacd.org.br/wp-content/plugins/advanced-iframe/readme.txt
[!] The version is out of date, the latest version is 7.6

[+] Name: contact-form-7 - v4.5
| Last updated: 2018-12-18T18:05:00.000Z
| Location: https://homologacao.aacd.org.br/wp-content/plugins/contact-form-7/
| Readme: https://homologacao.aacd.org.br/wp-content/plugins/contact-form-7/readme.txt
[!] The version is out of date, the latest version is 5.1.1
[!] Directory listing is enabled: https://homologacao.aacd.org.br/wp-content/plugins/contact-form-7/

[!] Title: Contact Form 7 <= 5.0.3 - register_post_type() Privilege Escalation
Reference: https://wpvulndb.com/vulnerabilities/9127
Reference: https://contactform7.com/2018/09/04/contact-form-7-504/
Reference: https://plugins.trac.wordpress.org/changeset/1935726/contact-form-7
Reference: https://plugins.trac.wordpress.org/changeset/1934594/contact-form-7
Reference: https://plugins.trac.wordpress.org/changeset/1934343/contact-form-7
Reference: https://plugins.trac.wordpress.org/changeset/1934327/contact-form-7
Reference: https://www.ripstech.com/php-security-calendar-2018/#day-18
[i] Fixed in: 5.0.4

[+] Name: flickr-album-gallery - v1.5.4.2
| Last updated: 2018-12-24T11:08:00.000Z
| Location: https://homologacao.aacd.org.br/wp-content/plugins/flickr-album-gallery/
| Readme: https://homologacao.aacd.org.br/wp-content/plugins/flickr-album-gallery/readme.txt
[!] The version is out of date, the latest version is 1.9.7
[!] Directory listing is enabled: https://homologacao.aacd.org.br/wp-content/plugins/flickr-album-gallery/

[+] Name: wpgform - v0.86
| Last updated: 2018-08-05T16:08:00.000Z
| Location: https://homologacao.aacd.org.br/wp-content/plugins/wpgform/
| Readme: https://homologacao.aacd.org.br/wp-content/plugins/wpgform/readme.txt
[!] The version is out of date, the latest version is 0.95

[!] Title: Google Forms 0.84-0.87 - Unauthenticated PHP Object Injection
Reference: https://wpvulndb.com/vulnerabilities/8726
Reference: https://sumofpwn.nl/advisory/2016/google_forms_wordpress_plugin_unauthenticated_php_object_injection_vulnerability.html
Reference: http://seclists.org/fulldisclosure/2017/Jan/70
[i] Fixed in: 0.91

[!] Title: Google Forms <= 0.91 - Unauthenticated Server-Side Request Forgery (SSRF)
Reference: https://wpvulndb.com/vulnerabilities/9013
Reference: https://klikki.fi/adv/wpgform.html
Reference: https://plugins.trac.wordpress.org/changeset/1796931/wpgform
[i] Fixed in: 0.92

[+] Name: youtube-embed-plus - v11.4
| Last updated: 2018-12-10T05:17:00.000Z
| Location: https://homologacao.aacd.org.br/wp-content/plugins/youtube-embed-plus/
| Readme: https://homologacao.aacd.org.br/wp-content/plugins/youtube-embed-plus/readme.txt
[!] The version is out of date, the latest version is 13.0

[!] Title: YouTube Embed <= 11.8.1 - Cross-Site Request Forgery (CSRF)
Reference: https://wpvulndb.com/vulnerabilities/8873
Reference: https://security.dxw.com/advisories/csrf-in-youtube-plugin/
Reference: http://seclists.org/fulldisclosure/2017/Jul/64
[i] Fixed in: 11.8.2

[+] Name: w3-total-cache - v0.9.4.1
| Last updated: 2018-04-25T21:31:00.000Z
| Location: https://homologacao.aacd.org.br/wp-content/plugins/w3-total-cache/
| Readme: https://homologacao.aacd.org.br/wp-content/plugins/w3-total-cache/readme.txt
| Changelog: https://homologacao.aacd.org.br/wp-content/plugins/w3-total-cache/changelog.txt
[!] The version is out of date, the latest version is 0.9.7

[!] Title: W3 Total Cache <= 0.9.4.1 - Authenticated Reflected Cross-Site Scripting (XSS)
Reference: https://wpvulndb.com/vulnerabilities/8625
Reference: https://blog.zerial.org/seguridad/vulnerabilidad-cross-site-scripting-en-wordpress-w3-total-cache/
Reference: http://seclists.org/fulldisclosure/2016/Sep/52
Reference: https://sumofpwn.nl/advisory/2016/reflected_cross_site_scripting_vulnerability_in_w3_total_cache_plugin.html
Reference: http://seclists.org/fulldisclosure/2016/Nov/63
[i] Fixed in: 0.9.5

[!] Title: W3 Total Cache <= 0.9.4.1 – Unauthenticated Security Token Bypass
Reference: https://wpvulndb.com/vulnerabilities/8626
Reference: https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
[i] Fixed in: 0.9.5

[!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Upload
Reference: https://wpvulndb.com/vulnerabilities/8627
Reference: https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
[i] Fixed in: 0.9.5

[!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary File Download
Reference: https://wpvulndb.com/vulnerabilities/8628
Reference: https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
[i] Fixed in: 0.9.5

[!] Title: W3 Total Cache <= 0.9.4.1 – Authenticated Arbitrary PHP Code Execution
Reference: https://wpvulndb.com/vulnerabilities/8629
Reference: https://secupress.me/blog/4-new-security-flaws-w3-total-cache-0-9-4-1/
[i] Fixed in: 0.9.5

[!] Title: W3 Total Cache <= 0.9.4 - Unauthenticated Server Side Request Forgery (SSRF)
Reference: https://wpvulndb.com/vulnerabilities/8644
Reference: https://klikki.fi/adv/w3_total_cache.html
[i] Fixed in: 0.9.5

[!] Title: W3 Total Cache <= 0.9.4.1 - Weak Validation of Amazon SNS Push Messages
Reference: https://wpvulndb.com/vulnerabilities/8654
Reference: https://sumofpwn.nl/advisory/2016/weak_validation_of_amazon_sns_push_messages_in_w3_total_cache_wordpress_plugin.html
Reference: http://seclists.org/fulldisclosure/2016/Nov/61
[i] Fixed in: 0.9.5

[!] Title: W3 Total Cache <= 0.9.4.1 - Information Disclosure Race Condition
Reference: https://wpvulndb.com/vulnerabilities/8655
Reference: https://sumofpwn.nl/advisory/2016/information_disclosure_race_condition_in_w3_total_cache_wordpress_plugin.html
Reference: http://seclists.org/fulldisclosure/2016/Nov/62
[i] Fixed in: 0.9.5

[+] Name: wordpress-seo - v3.5
| Last updated: 2018-12-18T09:25:00.000Z
| Location: https://homologacao.aacd.org.br/wp-content/plugins/wordpress-seo/
| Readme: https://homologacao.aacd.org.br/wp-content/plugins/wordpress-seo/readme.txt
[!] The version is out of date, the latest version is 9.3

[!] Title: Yoast SEO <= 5.7.1 - Authenticated Cross-Site Scripting (XSS)
Reference: https://wpvulndb.com/vulnerabilities/8960
Reference: https://plugins.trac.wordpress.org/changeset/1766831/wordpress-seo/trunk/admin/google_search_console/class-gsc-table.php
Reference: https://packetstormsecurity.com/files/145080/WordPress-Yoast-SEO-Cross-Site-Scripting.html
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16842
[i] Fixed in: 5.8

[!] Title: Yoast SEO <= 9.1 - Authenticated Race Condition
Reference: https://wpvulndb.com/vulnerabilities/9150
Reference: https://plugins.trac.wordpress.org/changeset/1977260/wordpress-seo
Reference: https://www.youtube.com/watch?v=nL141dcDGCY
Reference: http://packetstormsecurity.com/files/150497/
Reference: https://github.com/Yoast/wordpress-seo/pull/11502/commits/3bfa70a143f5ea3ee1934f3a1703bb5caf139ffa
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19370
[i] Fixed in: 9.2