- [+] robots.txt available under: 'http://*/robots.txt'
- [+] Interesting entry from robots.txt: http://*/
- [+] Interesting entry from robots.txt: http://*/
- [!] The WordPress 'http://*/readme.html' file exists exposing a version number
- [+] Interesting header: LINK: <http://*/wp-json/>; rel="https://api.w.org/"
- [+] Interesting header: SERVER: Apache/2.2.22 (Debian)
- [+] Interesting header: X-POWERED-BY: PHP/5.4.45-0+deb7u1
- [+] XML-RPC Interface available under: http://*/xmlrpc.php
- [!] Upload directory has directory listing enabled: http://*/wp-content/uploads/
- [!] Includes directory has directory listing enabled: http://*/wp-includes/
- [+] WordPress version 4.4.2 (Released on 2016-02-02) identified from advanced fingerprinting, links opml
- [!] 10 vulnerabilities identified from the version number
- [!] Title: WordPress <= 4.4.2 - SSRF Bypass using Octal & Hexedecimal IP addresses
- Reference: https://wpvulndb.com/vulnerabilities/8473
- Reference: https://codex.wordpress.org/Version_4.5
- Reference: https://github.com/WordPress/WordPress/commit/af9f0520875eda686fd13a427fd3914d7aded049
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029
- [i] Fixed in: 4.5
- [!] Title: WordPress <= 4.4.2 - Reflected XSS in Network Settings
- Reference: https://wpvulndb.com/vulnerabilities/8474
- Reference: https://codex.wordpress.org/Version_4.5
- Reference: https://github.com/WordPress/WordPress/commit/cb2b3ed3c7d68f6505bfb5c90257e6aaa3e5fcb9
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634
- [i] Fixed in: 4.5
- [!] Title: WordPress <= 4.4.2 - Script Compression Option CSRF
- Reference: https://wpvulndb.com/vulnerabilities/8475
- Reference: https://codex.wordpress.org/Version_4.5
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635
- [i] Fixed in: 4.5
- [!] Title: WordPress 4.2-4.5.1 - MediaElement.js Reflected Cross-Site Scripting (XSS)
- Reference: https://wpvulndb.com/vulnerabilities/8488
- Reference: https://wordpress.org/news/2016/05/wordpress-4-5-2/
- Reference: https://github.com/WordPress/WordPress/commit/a493dc0ab5819c8b831173185f1334b7c3e02e36
- Reference: https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567
- [i] Fixed in: 4.5.2
- [!] Title: WordPress <= 4.5.1 - Pupload Same Origin Method Execution (SOME)
- Reference: https://wpvulndb.com/vulnerabilities/8489
- Reference: https://wordpress.org/news/2016/05/wordpress-4-5-2/
- Reference: https://github.com/WordPress/WordPress/commit/c33e975f46a18f5ad611cf7e7c24398948cecef8
- Reference: https://gist.github.com/cure53/09a81530a44f6b8173f545accc9ed07e
- Reference: http://avlidienbrunn.com/wp_some_loader.php
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4566
- [i] Fixed in: 4.4.3
- [!] Title: WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
- Reference: https://wpvulndb.com/vulnerabilities/8518
- Reference: https://wordpress.org/news/2016/06/wordpress-4-5-3/
- Reference: https://github.com/WordPress/WordPress/commit/4372cdf45d0f49c74bbd4d60db7281de83e32648
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5833
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5834
- [i] Fixed in: 4.4.4
- [!] Title: WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
- Reference: https://wpvulndb.com/vulnerabilities/8519
- Reference: https://wordpress.org/news/2016/06/wordpress-4-5-3/
- Reference: https://github.com/WordPress/WordPress/commit/a2904cc3092c391ac7027bc87f7806953d1a25a1
- Reference: https://www.wordfence.com/blog/2016/06/wordpress-core-vulnerability-bypass-password-protected-posts/
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5835
- [i] Fixed in: 4.4.4
- [!] Title: WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
- Reference: https://wpvulndb.com/vulnerabilities/8520
- Reference: https://wordpress.org/news/2016/06/wordpress-4-5-3/
- Reference: https://github.com/WordPress/WordPress/commit/6d05c7521baa980c4efec411feca5e7fab6f307c
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5837
- [i] Fixed in: 4.4.4
- [!] Title: WordPress 2.5-4.6 - Authenticated Stored Cross-Site Scripting via Image Filename
- Reference: https://wpvulndb.com/vulnerabilities/8615
- Reference: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
- Reference: https://github.com/WordPress/WordPress/commit/c9e60dab176635d4bfaaf431c0ea891e4726d6e0
- Reference: https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_vulnerability_in_wordpress_due_to_unsafe_processing_of_file_names.html
- Reference: http://seclists.org/fulldisclosure/2016/Sep/6
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168
- [i] Fixed in: 4.4.5
- [!] Title: WordPress 2.8-4.6 - Path Traversal in Upgrade Package Uploader
- Reference: https://wpvulndb.com/vulnerabilities/8616
- Reference: https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
- Reference: https://github.com/WordPress/WordPress/commit/54720a14d85bc1197ded7cb09bd3ea790caa0b6e
- Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169
- [i] Fixed in: 4.4.5
- [+] WordPress theme in use: mst
- [+] Name: mst
- | Location: http://*/wp-content/themes/mst/
- [!] Directory listing is enabled: http://*/wp-content/themes/mst/
- | Style URL: http://*/wp-content/themes/mst/style.css
- | Referenced style.css: http://*/wp-content/themes/mst/css/style.css
- [+] Enumerating plugins from passive detection ...
- [+] No plugins found
- [+] Finished: Thu Dec 22 19:49:25 2016
- [+] Requests Done: 51
- [+] Memory used: 25.48 MB
- [+] Elapsed time: 00:00:22