HansVanEijsden

Scan Stemwijzer

Feb 6th, 2017
4,114
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ~/wpscan$ ./wpscan.rb --url http://www.stemwijzer.nl --enumerate u
  2. _______________________________________________________________
  3. __ _______ _____
  4. \ \ / / __ \ / ____|
  5. \ \ /\ / /| |__) | (___ ___ __ _ _ __
  6. \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
  7. \ /\ / | | ____) | (__| (_| | | | |
  8. \/ \/ |_| |_____/ \___|\__,_|_| |_|
  9.  
  10. WordPress Security Scanner by the WPScan Team
  11. Version 2.9.1
  12. Sponsored by Sucuri - https://sucuri.net
  13. @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
  14. _______________________________________________________________
  15.  
  16. [i] The remote host tried to redirect to: https://stemwijzer.nl/
  17. [?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N]y
  18. [+] URL: https://stemwijzer.nl/
  19. [+] Started: Mon Feb 6 12:09:34 2017
  20.  
  21. [+] robots.txt available under: 'https://stemwijzer.nl/robots.txt'
  22. [+] Interesting entry from robots.txt: https://stemwijzer.nl/wp-admin/
  23. [+] Interesting entry from robots.txt: https://stemwijzer.nl/wp-includes/
  24. [+] Interesting entry from robots.txt: https://stemwijzer.nl/wp-content/plugins/
  25. [+] Interesting entry from robots.txt: https://stemwijzer.nl/wp-content/themes/
  26. [+] Interesting entry from robots.txt: https://stemwijzer.nl/feed/
  27. [+] Interesting entry from robots.txt: */feed/
  28. [!] The WordPress 'https://stemwijzer.nl/readme.html' file exists exposing a version number
  29. [+] Interesting header: SERVER: nginx/1.6.2
  30. [+] Interesting header: STRICT-TRANSPORT-SECURITY: max-age=15552000
  31. [+] Interesting header: WP-SUPER-CACHE: Served supercache file from PHP
  32. [+] XML-RPC Interface available under: https://stemwijzer.nl/xmlrpc.php
  33.  
  34. [+] WordPress version 4.7 identified from readme (Released on 2016-12-06)
  35. [!] 12 vulnerabilities identified from the version number
  36.  
  37. [!] Title: WordPress 4.3-4.7 - Potential Remote Command Execution (RCE) in PHPMailer
  38. Reference: https://wpvulndb.com/vulnerabilities/8714
  39. Reference: https://www.wordfence.com/blog/2016/12/phpmailer-vulnerability/
  40. Reference: https://github.com/PHPMailer/PHPMailer/wiki/About-the-CVE-2016-10033-and-CVE-2016-10045-vulnerabilities
  41. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  42. [i] Fixed in: 4.7.1
  43.  
  44. [!] Title: WordPress 4.7 - User Information Disclosure via REST API
  45. Reference: https://wpvulndb.com/vulnerabilities/8715
  46. Reference: https://www.wordfence.com/blog/2016/12/wordfence-blocks-username-harvesting-via-new-rest-api-wp-4-7/
  47. Reference: https://github.com/WordPress/WordPress/commit/daf358983cc1ce0c77bf6d2de2ebbb43df2add60
  48. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  49. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5487
  50. [i] Fixed in: 4.7.1
  51.  
  52. [!] Title: WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php
  53. Reference: https://wpvulndb.com/vulnerabilities/8716
  54. Reference: https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
  55. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  56. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5488
  57. [i] Fixed in: 4.7.1
  58.  
  59. [!] Title: WordPress 4.7 - Cross-Site Request Forgery (CSRF) via Flash Upload
  60. Reference: https://wpvulndb.com/vulnerabilities/8717
  61. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  62. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5489
  63. [i] Fixed in: 4.7.1
  64.  
  65. [!] Title: WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback
  66. Reference: https://wpvulndb.com/vulnerabilities/8718
  67. Reference: https://www.mehmetince.net/low-severity-wordpress/
  68. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  69. Reference: https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
  70. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5490
  71. [i] Fixed in: 4.7.1
  72.  
  73. [!] Title: WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
  74. Reference: https://wpvulndb.com/vulnerabilities/8719
  75. Reference: https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
  76. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  77. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5491
  78. [i] Fixed in: 4.7.1
  79.  
  80. [!] Title: WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
  81. Reference: https://wpvulndb.com/vulnerabilities/8720
  82. Reference: https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
  83. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  84. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5492
  85. [i] Fixed in: 4.7.1
  86.  
  87. [!] Title: WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)
  88. Reference: https://wpvulndb.com/vulnerabilities/8721
  89. Reference: https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
  90. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  91. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5493
  92. [i] Fixed in: 4.7.1
  93.  
  94. [!] Title: WordPress 4.2.0-4.7.1 - Press This UI Available to Unauthorised Users
  95. Reference: https://wpvulndb.com/vulnerabilities/8729
  96. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
  97. Reference: https://github.com/WordPress/WordPress/commit/21264a31e0849e6ff793a06a17de877dd88ea454
  98. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5610
  99. [i] Fixed in: 4.7.2
  100.  
  101. [!] Title: WordPress 3.5-4.7.1 - WP_Query SQL Injection
  102. Reference: https://wpvulndb.com/vulnerabilities/8730
  103. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
  104. Reference: https://github.com/WordPress/WordPress/commit/85384297a60900004e27e417eac56d24267054cb
  105. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5611
  106. [i] Fixed in: 4.7.2
  107.  
  108. [!] Title: WordPress 4.3.0-4.7.1 - Cross-Site Scripting (XSS) in posts list table
  109. Reference: https://wpvulndb.com/vulnerabilities/8731
  110. Reference: https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
  111. Reference: https://github.com/WordPress/WordPress/commit/4482f9207027de8f36630737ae085110896ea849
  112. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5612
  113. [i] Fixed in: 4.7.2
  114.  
  115. [!] Title: WordPress 4.7.0-4.7.1 - Unauthenticated Page/Post Content Modification via REST API
  116. Reference: https://wpvulndb.com/vulnerabilities/8734
  117. Reference: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
  118. Reference: https://blogs.akamai.com/2017/02/wordpress-web-api-vulnerability.html
  119. Reference: https://gist.github.com/leonjza/2244eb15510a0687ed93160c623762ab
  120. Reference: https://github.com/WordPress/WordPress/commit/e357195ce303017d517aff944644a7a1232926f7
  121. [i] Fixed in: 4.7.2
  122.  
  123. [+] Enumerating plugins from passive detection ...
  124. | 1 plugin found:
  125.  
  126. [+] Name: wp-super-cache - v1.4.9
  127. | Latest version: 1.4.9 (up to date)
  128. | Location: https://stemwijzer.nl/wp-content/plugins/wp-super-cache/
  129. | Readme: https://stemwijzer.nl/wp-content/plugins/wp-super-cache/readme.txt
  130.  
  131. [+] Enumerating usernames ...
  132. [+] We did not enumerate any usernames
  133.  
  134. [+] Finished: Mon Feb 6 12:10:05 2017
  135. [+] Requests Done: 81
  136. [+] Memory used: 78.73 MB
  137. [+] Elapsed time: 00:00:30
RAW Paste Data