API tools faq
paste
Guest User

wpscanfromsheerazali.com

a guest
Apr 9th, 2020
258
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 20.36 KB | None | 0 0
raw download clone embed print report
  1. wpscan --url http://enterprise.local -e vp vt cb u m --api-token 9USW6KxqY91d7DXaNtDxawBRFqepm1pO1xKyNUsNa8gs | tee wpscan.log
  2. _______________________________________________________________
  3.          __          _______   _____
  4.          \ \        / /  __ \ / ____|
  5.           \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
  6.            \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
  7.            \  /\  /  | |     ____) | (__| (_| | | | |
  8.             \/  \/   |_|    |_____/ \___|\__,_|_| |_|
  9.  
  10.         WordPress Security Scanner by the WPScan Team
  11.                         Version 3.7.8
  12.       Sponsored by Automattic - https://automattic.com/
  13.       @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
  14. _______________________________________________________________
  15.  
  16. [+] URL: http://enterprise.local/
  17. [+] Started: Thu Apr  9 08:45:32 2020
  18.  
  19. Interesting Finding(s):
  20.  
  21. [+] http://enterprise.local/
  22. | Interesting Entries:
  23. |  - Server: Apache/2.4.10 (Debian)
  24. |  - X-Powered-By: PHP/5.6.31
  25. | Found By: Headers (Passive Detection)
  26. | Confidence: 100%
  27.  
  28. [+] http://enterprise.local/xmlrpc.php
  29. | Found By: Direct Access (Aggressive Detection)
  30. | Confidence: 100%
  31. | References:
  32. |  - http://codex.wordpress.org/XML-RPC_Pingback_API
  33. |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
  34. |  - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
  35. |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
  36. |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
  37.  
  38. [+] http://enterprise.local/readme.html
  39. | Found By: Direct Access (Aggressive Detection)
  40. | Confidence: 100%
  41.  
  42. [+] http://enterprise.local/wp-cron.php
  43. | Found By: Direct Access (Aggressive Detection)
  44. | Confidence: 60%
  45. | References:
  46. |  - https://www.iplocation.net/defend-wordpress-from-ddos
  47. |  - https://github.com/wpscanteam/wpscan/issues/1299
  48.  
  49. [+] WordPress version 4.8.1 identified (Insecure, released on 2017-08-02).
  50. | Found By: Emoji Settings (Passive Detection)
  51. |  - http://enterprise.local/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=4.8.1'
  52. | Confirmed By: Meta Generator (Passive Detection)
  53. |  - http://enterprise.local/, Match: 'WordPress 4.8.1'
  54. |
  55. | [!] 38 vulnerabilities identified:
  56. |
  57. | [!] Title: WordPress 2.3.0-4.8.1 - $wpdb->prepare() potential SQL Injection
  58. |     Fixed in: 4.8.2
  59. |     References:
  60. |      - https://wpvulndb.com/vulnerabilities/8905
  61. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14723
  62. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  63. |      - https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
  64. |      - https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
  65. |
  66. | [!] Title: WordPress 2.9.2-4.8.1 - Open Redirect
  67. |     Fixed in: 4.8.2
  68. |     References:
  69. |      - https://wpvulndb.com/vulnerabilities/8910
  70. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14725
  71. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  72. |      - https://core.trac.wordpress.org/changeset/41398
  73. |
  74. | [!] Title: WordPress 3.0-4.8.1 - Path Traversal in Unzipping
  75. |     Fixed in: 4.8.2
  76. |     References:
  77. |      - https://wpvulndb.com/vulnerabilities/8911
  78. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14719
  79. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  80. |      - https://core.trac.wordpress.org/changeset/41457
  81. |      - https://hackerone.com/reports/205481
  82. |
  83. | [!] Title: WordPress 4.4-4.8.1 - Path Traversal in Customizer
  84. |     Fixed in: 4.8.2
  85. |     References:
  86. |      - https://wpvulndb.com/vulnerabilities/8912
  87. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14722
  88. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  89. |      - https://core.trac.wordpress.org/changeset/41397
  90. |
  91. | [!] Title: WordPress 4.4-4.8.1 - Cross-Site Scripting (XSS) in oEmbed
  92. |     Fixed in: 4.8.2
  93. |     References:
  94. |      - https://wpvulndb.com/vulnerabilities/8913
  95. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14724
  96. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  97. |      - https://core.trac.wordpress.org/changeset/41448
  98. |
  99. | [!] Title: WordPress 4.2.3-4.8.1 - Authenticated Cross-Site Scripting (XSS) in Visual Editor
  100. |     Fixed in: 4.8.2
  101. |     References:
  102. |      - https://wpvulndb.com/vulnerabilities/8914
  103. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14726
  104. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  105. |      - https://core.trac.wordpress.org/changeset/41395
  106. |      - https://blog.sucuri.net/2017/09/stored-cross-site-scripting-vulnerability-in-wordpress-4-8-1.html
  107. |
  108. | [!] Title: WordPress 2.3-4.8.3 - Host Header Injection in Password Reset
  109. |     References:
  110. |      - https://wpvulndb.com/vulnerabilities/8807
  111. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8295
  112. |      - https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
  113. |      - https://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
  114. |      - https://core.trac.wordpress.org/ticket/25239
  115. |
  116. | [!] Title: WordPress <= 4.8.2 - $wpdb->prepare() Weakness
  117. |     Fixed in: 4.8.3
  118. |     References:
  119. |      - https://wpvulndb.com/vulnerabilities/8941
  120. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16510
  121. |      - https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
  122. |      - https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
  123. |      - https://twitter.com/ircmaxell/status/923662170092638208
  124. |      - https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
  125. |
  126. | [!] Title: WordPress 2.8.6-4.9 - Authenticated JavaScript File Upload
  127. |     Fixed in: 4.8.4
  128. |     References:
  129. |      - https://wpvulndb.com/vulnerabilities/8966
  130. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092
  131. |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  132. |      - https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
  133. |
  134. | [!] Title: WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
  135. |     Fixed in: 4.8.4
  136. |     References:
  137. |      - https://wpvulndb.com/vulnerabilities/8967
  138. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094
  139. |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  140. |      - https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
  141. |
  142. | [!] Title: WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
  143. |     Fixed in: 4.8.4
  144. |     References:
  145. |      - https://wpvulndb.com/vulnerabilities/8968
  146. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17093
  147. |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  148. |      - https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a
  149. |
  150. | [!] Title: WordPress 3.7-4.9 - 'newbloguser' Key Weak Hashing
  151. |     Fixed in: 4.8.4
  152. |     References:
  153. |      - https://wpvulndb.com/vulnerabilities/8969
  154. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091
  155. |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  156. |      - https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
  157. |
  158. | [!] Title: WordPress 3.7-4.9.1 - MediaElement Cross-Site Scripting (XSS)
  159. |     Fixed in: 4.8.5
  160. |     References:
  161. |      - https://wpvulndb.com/vulnerabilities/9006
  162. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5776
  163. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9263
  164. |      - https://github.com/WordPress/WordPress/commit/3fe9cb61ee71fcfadb5e002399296fcc1198d850
  165. |      - https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/
  166. |      - https://core.trac.wordpress.org/ticket/42720
  167. |
  168. | [!] Title: WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)
  169. |     References:
  170. |      - https://wpvulndb.com/vulnerabilities/9021
  171. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389
  172. |      - https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
  173. |      - https://github.com/quitten/doser.py
  174. |      - https://thehackernews.com/2018/02/wordpress-dos-exploit.html
  175. |
  176. | [!] Title: WordPress 3.7-4.9.4 - Remove localhost Default
  177. |     Fixed in: 4.8.6
  178. |     References:
  179. |      - https://wpvulndb.com/vulnerabilities/9053
  180. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10101
  181. |      - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  182. |      - https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
  183. |
  184. | [!] Title: WordPress 3.7-4.9.4 - Use Safe Redirect for Login
  185. |     Fixed in: 4.8.6
  186. |     References:
  187. |      - https://wpvulndb.com/vulnerabilities/9054
  188. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10100
  189. |      - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  190. |      - https://github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e
  191. |
  192. | [!] Title: WordPress 3.7-4.9.4 - Escape Version in Generator Tag
  193. |     Fixed in: 4.8.6
  194. |     References:
  195. |      - https://wpvulndb.com/vulnerabilities/9055
  196. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10102
  197. |      - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  198. |      - https://github.com/WordPress/WordPress/commit/31a4369366d6b8ce30045d4c838de2412c77850d
  199. |
  200. | [!] Title: WordPress <= 4.9.6 - Authenticated Arbitrary File Deletion
  201. |     Fixed in: 4.8.7
  202. |     References:
  203. |      - https://wpvulndb.com/vulnerabilities/9100
  204. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12895
  205. |      - https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
  206. |      - http://blog.vulnspy.com/2018/06/27/Wordpress-4-9-6-Arbitrary-File-Delection-Vulnerbility-Exploit/
  207. |      - https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd
  208. |      - https://wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance-release/
  209. |      - https://www.wordfence.com/blog/2018/07/details-of-an-additional-file-deletion-vulnerability-patched-in-wordpress-4-9-7/
  210. |
  211. | [!] Title: WordPress <= 5.0 - Authenticated File Delete
  212. |     Fixed in: 4.8.8
  213. |     References:
  214. |      - https://wpvulndb.com/vulnerabilities/9169
  215. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20147
  216. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  217. |
  218. | [!] Title: WordPress <= 5.0 - Authenticated Post Type Bypass
  219. |     Fixed in: 4.8.8
  220. |     References:
  221. |      - https://wpvulndb.com/vulnerabilities/9170
  222. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20152
  223. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  224. |      - https://blog.ripstech.com/2018/wordpress-post-type-privilege-escalation/
  225. |
  226. | [!] Title: WordPress <= 5.0 - PHP Object Injection via Meta Data
  227. |     Fixed in: 4.8.8
  228. |     References:
  229. |      - https://wpvulndb.com/vulnerabilities/9171
  230. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20148
  231. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  232. |
  233. | [!] Title: WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS)
  234. |     Fixed in: 4.8.8
  235. |     References:
  236. |      - https://wpvulndb.com/vulnerabilities/9172
  237. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20153
  238. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  239. |
  240. | [!] Title: WordPress <= 5.0 - Cross-Site Scripting (XSS) that could affect plugins
  241. |     Fixed in: 4.8.8
  242. |     References:
  243. |      - https://wpvulndb.com/vulnerabilities/9173
  244. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20150
  245. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  246. |      - https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
  247. |
  248. | [!] Title: WordPress <= 5.0 - User Activation Screen Search Engine Indexing
  249. |     Fixed in: 4.8.8
  250. |     References:
  251. |      - https://wpvulndb.com/vulnerabilities/9174
  252. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20151
  253. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  254. |
  255. | [!] Title: WordPress <= 5.0 - File Upload to XSS on Apache Web Servers
  256. |     Fixed in: 4.8.8
  257. |     References:
  258. |      - https://wpvulndb.com/vulnerabilities/9175
  259. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20149
  260. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  261. |      - https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
  262. |
  263. | [!] Title: WordPress 3.7-5.0 (except 4.9.9) - Authenticated Code Execution
  264. |     Fixed in: 5.0.1
  265. |     References:
  266. |      - https://wpvulndb.com/vulnerabilities/9222
  267. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8942
  268. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8943
  269. |      - https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
  270. |      - https://www.rapid7.com/db/modules/exploit/multi/http/wp_crop_rce
  271. |
  272. | [!] Title: WordPress 3.9-5.1 - Comment Cross-Site Scripting (XSS)
  273. |     Fixed in: 4.8.9
  274. |     References:
  275. |      - https://wpvulndb.com/vulnerabilities/9230
  276. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9787
  277. |      - https://github.com/WordPress/WordPress/commit/0292de60ec78c5a44956765189403654fe4d080b
  278. |      - https://wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/
  279. |      - https://blog.ripstech.com/2019/wordpress-csrf-to-rce/
  280. |
  281. | [!] Title: WordPress <= 5.2.2 - Cross-Site Scripting (XSS) in URL Sanitisation
  282. |     Fixed in: 4.8.10
  283. |     References:
  284. |      - https://wpvulndb.com/vulnerabilities/9867
  285. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222
  286. |      - https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/
  287. |      - https://github.com/WordPress/WordPress/commit/30ac67579559fe42251b5a9f887211bf61a8ed68
  288. |      - https://hackerone.com/reports/339483
  289. |
  290. | [!] Title: WordPress <= 5.2.3 - Stored XSS in Customizer
  291. |     Fixed in: 4.8.11
  292. |     References:
  293. |      - https://wpvulndb.com/vulnerabilities/9908
  294. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674
  295. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  296. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  297. |
  298. | [!] Title: WordPress <= 5.2.3 - Unauthenticated View Private/Draft Posts
  299. |     Fixed in: 4.8.11
  300. |     References:
  301. |      - https://wpvulndb.com/vulnerabilities/9909
  302. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671
  303. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  304. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  305. |      - https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308
  306. |      - https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/
  307. |
  308. | [!] Title: WordPress <= 5.2.3 - Stored XSS in Style Tags
  309. |     Fixed in: 4.8.11
  310. |     References:
  311. |      - https://wpvulndb.com/vulnerabilities/9910
  312. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672
  313. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  314. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  315. |
  316. | [!] Title: WordPress <= 5.2.3 - JSON Request Cache Poisoning
  317. |     Fixed in: 4.8.11
  318. |     References:
  319. |      - https://wpvulndb.com/vulnerabilities/9911
  320. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673
  321. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  322. |      - https://github.com/WordPress/WordPress/commit/b224c251adfa16a5f84074a3c0886270c9df38de
  323. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  324. |
  325. | [!] Title: WordPress <= 5.2.3 - Server-Side Request Forgery (SSRF) in URL Validation
  326. |     Fixed in: 4.8.11
  327. |     References:
  328. |      - https://wpvulndb.com/vulnerabilities/9912
  329. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669
  330. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17670
  331. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  332. |      - https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2
  333. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  334. |
  335. | [!] Title: WordPress <= 5.2.3 - Admin Referrer Validation
  336. |     Fixed in: 4.8.11
  337. |     References:
  338. |      - https://wpvulndb.com/vulnerabilities/9913
  339. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675
  340. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  341. |      - https://github.com/WordPress/WordPress/commit/b183fd1cca0b44a92f0264823dd9f22d2fd8b8d0
  342. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  343. |
  344. | [!] Title: WordPress <= 5.3 - Improper Access Controls in REST API
  345. |     Fixed in: 4.8.12
  346. |     References:
  347. |      - https://wpvulndb.com/vulnerabilities/9973
  348. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043
  349. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16788
  350. |      - https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
  351. |      - https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-g7rg-hchx-c2gw
  352. |
  353. | [!] Title: WordPress <= 5.3 - Stored XSS via Crafted Links
  354. |     Fixed in: 4.8.12
  355. |     References:
  356. |      - https://wpvulndb.com/vulnerabilities/9975
  357. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042
  358. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16773
  359. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16773
  360. |      - https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
  361. |      - https://hackerone.com/reports/509930
  362. |      - https://github.com/WordPress/wordpress-develop/commit/1f7f3f1f59567e2504f0fbebd51ccf004b3ccb1d
  363. |      - https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-xvg2-m2f4-83m7
  364. |
  365. | [!] Title: WordPress <= 5.3 - Stored XSS via Block Editor Content
  366. |     Fixed in: 4.8.12
  367. |     References:
  368. |      - https://wpvulndb.com/vulnerabilities/9976
  369. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781
  370. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780
  371. |      - https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
  372. |      - https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-pg4x-64rh-3c9v
  373. |
  374. | [!] Title: WordPress <= 5.3 - wp_kses_bad_protocol() Colon Bypass
  375. |     Fixed in: 4.8.12
  376. |     References:
  377. |      - https://wpvulndb.com/vulnerabilities/10004
  378. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041
  379. |      - https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
  380. |      - https://github.com/WordPress/wordpress-develop/commit/b1975463dd995da19bb40d3fa0786498717e3c53
  381.  
  382. [i] The main theme could not be detected.
  383.  
  384. [+] Enumerating Vulnerable Plugins (via Passive Methods)
  385.  
  386. [i] No plugins Found.
  387.  
  388. [+] WPVulnDB API OK
  389. | Plan: free
  390. | Requests Done (during the scan): 1
  391. | Requests Remaining: 49
  392.  
  393. [+] Finished: Thu Apr  9 08:45:49 2020
  394. [+] Requests Done: 26
  395. [+] Cached Requests: 4
  396. [+] Data Sent: 6.411 KB
  397. [+] Data Received: 147.806 KB
  398. [+] Memory used: 167.464 MB
  399. [+] Elapsed time: 00:00:16
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!