Guest User

wpscanfromsheerazali.com

a guest
Apr 9th, 2020
53
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. wpscan --url http://enterprise.local -e vp vt cb u m --api-token 9USW6KxqY91d7DXaNtDxawBRFqepm1pO1xKyNUsNa8gs | tee wpscan.log
  2. _______________________________________________________________
  3.          __          _______   _____
  4.          \ \        / /  __ \ / ____|
  5.           \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
  6.            \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
  7.            \  /\  /  | |     ____) | (__| (_| | | | |
  8.             \/  \/   |_|    |_____/ \___|\__,_|_| |_|
  9.  
  10.         WordPress Security Scanner by the WPScan Team
  11.                         Version 3.7.8
  12.       Sponsored by Automattic - https://automattic.com/
  13.       @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
  14. _______________________________________________________________
  15.  
  16. [+] URL: http://enterprise.local/
  17. [+] Started: Thu Apr  9 08:45:32 2020
  18.  
  19. Interesting Finding(s):
  20.  
  21. [+] http://enterprise.local/
  22. | Interesting Entries:
  23. |  - Server: Apache/2.4.10 (Debian)
  24. |  - X-Powered-By: PHP/5.6.31
  25. | Found By: Headers (Passive Detection)
  26. | Confidence: 100%
  27.  
  28. [+] http://enterprise.local/xmlrpc.php
  29. | Found By: Direct Access (Aggressive Detection)
  30. | Confidence: 100%
  31. | References:
  32. |  - http://codex.wordpress.org/XML-RPC_Pingback_API
  33. |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
  34. |  - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
  35. |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
  36. |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
  37.  
  38. [+] http://enterprise.local/readme.html
  39. | Found By: Direct Access (Aggressive Detection)
  40. | Confidence: 100%
  41.  
  42. [+] http://enterprise.local/wp-cron.php
  43. | Found By: Direct Access (Aggressive Detection)
  44. | Confidence: 60%
  45. | References:
  46. |  - https://www.iplocation.net/defend-wordpress-from-ddos
  47. |  - https://github.com/wpscanteam/wpscan/issues/1299
  48.  
  49. [+] WordPress version 4.8.1 identified (Insecure, released on 2017-08-02).
  50. | Found By: Emoji Settings (Passive Detection)
  51. |  - http://enterprise.local/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=4.8.1'
  52. | Confirmed By: Meta Generator (Passive Detection)
  53. |  - http://enterprise.local/, Match: 'WordPress 4.8.1'
  54. |
  55. | [!] 38 vulnerabilities identified:
  56. |
  57. | [!] Title: WordPress 2.3.0-4.8.1 - $wpdb->prepare() potential SQL Injection
  58. |     Fixed in: 4.8.2
  59. |     References:
  60. |      - https://wpvulndb.com/vulnerabilities/8905
  61. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14723
  62. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  63. |      - https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
  64. |      - https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
  65. |
  66. | [!] Title: WordPress 2.9.2-4.8.1 - Open Redirect
  67. |     Fixed in: 4.8.2
  68. |     References:
  69. |      - https://wpvulndb.com/vulnerabilities/8910
  70. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14725
  71. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  72. |      - https://core.trac.wordpress.org/changeset/41398
  73. |
  74. | [!] Title: WordPress 3.0-4.8.1 - Path Traversal in Unzipping
  75. |     Fixed in: 4.8.2
  76. |     References:
  77. |      - https://wpvulndb.com/vulnerabilities/8911
  78. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14719
  79. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  80. |      - https://core.trac.wordpress.org/changeset/41457
  81. |      - https://hackerone.com/reports/205481
  82. |
  83. | [!] Title: WordPress 4.4-4.8.1 - Path Traversal in Customizer
  84. |     Fixed in: 4.8.2
  85. |     References:
  86. |      - https://wpvulndb.com/vulnerabilities/8912
  87. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14722
  88. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  89. |      - https://core.trac.wordpress.org/changeset/41397
  90. |
  91. | [!] Title: WordPress 4.4-4.8.1 - Cross-Site Scripting (XSS) in oEmbed
  92. |     Fixed in: 4.8.2
  93. |     References:
  94. |      - https://wpvulndb.com/vulnerabilities/8913
  95. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14724
  96. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  97. |      - https://core.trac.wordpress.org/changeset/41448
  98. |
  99. | [!] Title: WordPress 4.2.3-4.8.1 - Authenticated Cross-Site Scripting (XSS) in Visual Editor
  100. |     Fixed in: 4.8.2
  101. |     References:
  102. |      - https://wpvulndb.com/vulnerabilities/8914
  103. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14726
  104. |      - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  105. |      - https://core.trac.wordpress.org/changeset/41395
  106. |      - https://blog.sucuri.net/2017/09/stored-cross-site-scripting-vulnerability-in-wordpress-4-8-1.html
  107. |
  108. | [!] Title: WordPress 2.3-4.8.3 - Host Header Injection in Password Reset
  109. |     References:
  110. |      - https://wpvulndb.com/vulnerabilities/8807
  111. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8295
  112. |      - https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
  113. |      - https://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
  114. |      - https://core.trac.wordpress.org/ticket/25239
  115. |
  116. | [!] Title: WordPress <= 4.8.2 - $wpdb->prepare() Weakness
  117. |     Fixed in: 4.8.3
  118. |     References:
  119. |      - https://wpvulndb.com/vulnerabilities/8941
  120. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16510
  121. |      - https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
  122. |      - https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
  123. |      - https://twitter.com/ircmaxell/status/923662170092638208
  124. |      - https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
  125. |
  126. | [!] Title: WordPress 2.8.6-4.9 - Authenticated JavaScript File Upload
  127. |     Fixed in: 4.8.4
  128. |     References:
  129. |      - https://wpvulndb.com/vulnerabilities/8966
  130. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092
  131. |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  132. |      - https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
  133. |
  134. | [!] Title: WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
  135. |     Fixed in: 4.8.4
  136. |     References:
  137. |      - https://wpvulndb.com/vulnerabilities/8967
  138. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094
  139. |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  140. |      - https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
  141. |
  142. | [!] Title: WordPress 4.3.0-4.9 - HTML Language Attribute Escaping
  143. |     Fixed in: 4.8.4
  144. |     References:
  145. |      - https://wpvulndb.com/vulnerabilities/8968
  146. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17093
  147. |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  148. |      - https://github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a
  149. |
  150. | [!] Title: WordPress 3.7-4.9 - 'newbloguser' Key Weak Hashing
  151. |     Fixed in: 4.8.4
  152. |     References:
  153. |      - https://wpvulndb.com/vulnerabilities/8969
  154. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091
  155. |      - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  156. |      - https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
  157. |
  158. | [!] Title: WordPress 3.7-4.9.1 - MediaElement Cross-Site Scripting (XSS)
  159. |     Fixed in: 4.8.5
  160. |     References:
  161. |      - https://wpvulndb.com/vulnerabilities/9006
  162. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5776
  163. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9263
  164. |      - https://github.com/WordPress/WordPress/commit/3fe9cb61ee71fcfadb5e002399296fcc1198d850
  165. |      - https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/
  166. |      - https://core.trac.wordpress.org/ticket/42720
  167. |
  168. | [!] Title: WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)
  169. |     References:
  170. |      - https://wpvulndb.com/vulnerabilities/9021
  171. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389
  172. |      - https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
  173. |      - https://github.com/quitten/doser.py
  174. |      - https://thehackernews.com/2018/02/wordpress-dos-exploit.html
  175. |
  176. | [!] Title: WordPress 3.7-4.9.4 - Remove localhost Default
  177. |     Fixed in: 4.8.6
  178. |     References:
  179. |      - https://wpvulndb.com/vulnerabilities/9053
  180. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10101
  181. |      - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  182. |      - https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
  183. |
  184. | [!] Title: WordPress 3.7-4.9.4 - Use Safe Redirect for Login
  185. |     Fixed in: 4.8.6
  186. |     References:
  187. |      - https://wpvulndb.com/vulnerabilities/9054
  188. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10100
  189. |      - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  190. |      - https://github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e
  191. |
  192. | [!] Title: WordPress 3.7-4.9.4 - Escape Version in Generator Tag
  193. |     Fixed in: 4.8.6
  194. |     References:
  195. |      - https://wpvulndb.com/vulnerabilities/9055
  196. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10102
  197. |      - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  198. |      - https://github.com/WordPress/WordPress/commit/31a4369366d6b8ce30045d4c838de2412c77850d
  199. |
  200. | [!] Title: WordPress <= 4.9.6 - Authenticated Arbitrary File Deletion
  201. |     Fixed in: 4.8.7
  202. |     References:
  203. |      - https://wpvulndb.com/vulnerabilities/9100
  204. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12895
  205. |      - https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
  206. |      - http://blog.vulnspy.com/2018/06/27/Wordpress-4-9-6-Arbitrary-File-Delection-Vulnerbility-Exploit/
  207. |      - https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd
  208. |      - https://wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance-release/
  209. |      - https://www.wordfence.com/blog/2018/07/details-of-an-additional-file-deletion-vulnerability-patched-in-wordpress-4-9-7/
  210. |
  211. | [!] Title: WordPress <= 5.0 - Authenticated File Delete
  212. |     Fixed in: 4.8.8
  213. |     References:
  214. |      - https://wpvulndb.com/vulnerabilities/9169
  215. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20147
  216. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  217. |
  218. | [!] Title: WordPress <= 5.0 - Authenticated Post Type Bypass
  219. |     Fixed in: 4.8.8
  220. |     References:
  221. |      - https://wpvulndb.com/vulnerabilities/9170
  222. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20152
  223. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  224. |      - https://blog.ripstech.com/2018/wordpress-post-type-privilege-escalation/
  225. |
  226. | [!] Title: WordPress <= 5.0 - PHP Object Injection via Meta Data
  227. |     Fixed in: 4.8.8
  228. |     References:
  229. |      - https://wpvulndb.com/vulnerabilities/9171
  230. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20148
  231. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  232. |
  233. | [!] Title: WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS)
  234. |     Fixed in: 4.8.8
  235. |     References:
  236. |      - https://wpvulndb.com/vulnerabilities/9172
  237. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20153
  238. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  239. |
  240. | [!] Title: WordPress <= 5.0 - Cross-Site Scripting (XSS) that could affect plugins
  241. |     Fixed in: 4.8.8
  242. |     References:
  243. |      - https://wpvulndb.com/vulnerabilities/9173
  244. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20150
  245. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  246. |      - https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
  247. |
  248. | [!] Title: WordPress <= 5.0 - User Activation Screen Search Engine Indexing
  249. |     Fixed in: 4.8.8
  250. |     References:
  251. |      - https://wpvulndb.com/vulnerabilities/9174
  252. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20151
  253. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  254. |
  255. | [!] Title: WordPress <= 5.0 - File Upload to XSS on Apache Web Servers
  256. |     Fixed in: 4.8.8
  257. |     References:
  258. |      - https://wpvulndb.com/vulnerabilities/9175
  259. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20149
  260. |      - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  261. |      - https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
  262. |
  263. | [!] Title: WordPress 3.7-5.0 (except 4.9.9) - Authenticated Code Execution
  264. |     Fixed in: 5.0.1
  265. |     References:
  266. |      - https://wpvulndb.com/vulnerabilities/9222
  267. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8942
  268. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8943
  269. |      - https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
  270. |      - https://www.rapid7.com/db/modules/exploit/multi/http/wp_crop_rce
  271. |
  272. | [!] Title: WordPress 3.9-5.1 - Comment Cross-Site Scripting (XSS)
  273. |     Fixed in: 4.8.9
  274. |     References:
  275. |      - https://wpvulndb.com/vulnerabilities/9230
  276. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9787
  277. |      - https://github.com/WordPress/WordPress/commit/0292de60ec78c5a44956765189403654fe4d080b
  278. |      - https://wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/
  279. |      - https://blog.ripstech.com/2019/wordpress-csrf-to-rce/
  280. |
  281. | [!] Title: WordPress <= 5.2.2 - Cross-Site Scripting (XSS) in URL Sanitisation
  282. |     Fixed in: 4.8.10
  283. |     References:
  284. |      - https://wpvulndb.com/vulnerabilities/9867
  285. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222
  286. |      - https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/
  287. |      - https://github.com/WordPress/WordPress/commit/30ac67579559fe42251b5a9f887211bf61a8ed68
  288. |      - https://hackerone.com/reports/339483
  289. |
  290. | [!] Title: WordPress <= 5.2.3 - Stored XSS in Customizer
  291. |     Fixed in: 4.8.11
  292. |     References:
  293. |      - https://wpvulndb.com/vulnerabilities/9908
  294. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674
  295. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  296. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  297. |
  298. | [!] Title: WordPress <= 5.2.3 - Unauthenticated View Private/Draft Posts
  299. |     Fixed in: 4.8.11
  300. |     References:
  301. |      - https://wpvulndb.com/vulnerabilities/9909
  302. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671
  303. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  304. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  305. |      - https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308
  306. |      - https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/
  307. |
  308. | [!] Title: WordPress <= 5.2.3 - Stored XSS in Style Tags
  309. |     Fixed in: 4.8.11
  310. |     References:
  311. |      - https://wpvulndb.com/vulnerabilities/9910
  312. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672
  313. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  314. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  315. |
  316. | [!] Title: WordPress <= 5.2.3 - JSON Request Cache Poisoning
  317. |     Fixed in: 4.8.11
  318. |     References:
  319. |      - https://wpvulndb.com/vulnerabilities/9911
  320. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673
  321. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  322. |      - https://github.com/WordPress/WordPress/commit/b224c251adfa16a5f84074a3c0886270c9df38de
  323. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  324. |
  325. | [!] Title: WordPress <= 5.2.3 - Server-Side Request Forgery (SSRF) in URL Validation
  326. |     Fixed in: 4.8.11
  327. |     References:
  328. |      - https://wpvulndb.com/vulnerabilities/9912
  329. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669
  330. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17670
  331. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  332. |      - https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2
  333. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  334. |
  335. | [!] Title: WordPress <= 5.2.3 - Admin Referrer Validation
  336. |     Fixed in: 4.8.11
  337. |     References:
  338. |      - https://wpvulndb.com/vulnerabilities/9913
  339. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675
  340. |      - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  341. |      - https://github.com/WordPress/WordPress/commit/b183fd1cca0b44a92f0264823dd9f22d2fd8b8d0
  342. |      - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  343. |
  344. | [!] Title: WordPress <= 5.3 - Improper Access Controls in REST API
  345. |     Fixed in: 4.8.12
  346. |     References:
  347. |      - https://wpvulndb.com/vulnerabilities/9973
  348. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20043
  349. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16788
  350. |      - https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
  351. |      - https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-g7rg-hchx-c2gw
  352. |
  353. | [!] Title: WordPress <= 5.3 - Stored XSS via Crafted Links
  354. |     Fixed in: 4.8.12
  355. |     References:
  356. |      - https://wpvulndb.com/vulnerabilities/9975
  357. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20042
  358. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16773
  359. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16773
  360. |      - https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
  361. |      - https://hackerone.com/reports/509930
  362. |      - https://github.com/WordPress/wordpress-develop/commit/1f7f3f1f59567e2504f0fbebd51ccf004b3ccb1d
  363. |      - https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-xvg2-m2f4-83m7
  364. |
  365. | [!] Title: WordPress <= 5.3 - Stored XSS via Block Editor Content
  366. |     Fixed in: 4.8.12
  367. |     References:
  368. |      - https://wpvulndb.com/vulnerabilities/9976
  369. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16781
  370. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16780
  371. |      - https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
  372. |      - https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-pg4x-64rh-3c9v
  373. |
  374. | [!] Title: WordPress <= 5.3 - wp_kses_bad_protocol() Colon Bypass
  375. |     Fixed in: 4.8.12
  376. |     References:
  377. |      - https://wpvulndb.com/vulnerabilities/10004
  378. |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20041
  379. |      - https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
  380. |      - https://github.com/WordPress/wordpress-develop/commit/b1975463dd995da19bb40d3fa0786498717e3c53
  381.  
  382. [i] The main theme could not be detected.
  383.  
  384. [+] Enumerating Vulnerable Plugins (via Passive Methods)
  385.  
  386. [i] No plugins Found.
  387.  
  388. [+] WPVulnDB API OK
  389. | Plan: free
  390. | Requests Done (during the scan): 1
  391. | Requests Remaining: 49
  392.  
  393. [+] Finished: Thu Apr  9 08:45:49 2020
  394. [+] Requests Done: 26
  395. [+] Cached Requests: 4
  396. [+] Data Sent: 6.411 KB
  397. [+] Data Received: 147.806 KB
  398. [+] Memory used: 167.464 MB
  399. [+] Elapsed time: 00:00:16
RAW Paste Data