  1. _______________________________________________________________
  2.          __          _______   _____
  3.          \ \        / /  __ \ / ____|
  4.           \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
  5.            \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
  6.             \  /\  /  | |     ____) | (__| (_| | | | |
  7.              \/  \/   |_|    |_____/ \___|\__,_|_| |_|
  8.  
  9.          WordPress Security Scanner by the WPScan Team
  10.                         Version 3.7.3
  11.       Sponsored by Automattic - https://automattic.com/
  12.       @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_
  13. _______________________________________________________________
  14.  
  15. [+] URL: http://wpdistillery.vm/
  16. [+] Started: Thu Nov 21 19:57:27 2019
  17.  
  18. Interesting Finding(s):
  19.  
  20. [+] http://wpdistillery.vm/
  21. | Interesting Entry: Server: Apache/2.4.18 (Ubuntu)
  22. | Found By: Headers (Passive Detection)
  23. | Confidence: 100%
  24.  
  25. [+] http://wpdistillery.vm/xmlrpc.php
  26. | Found By: Headers (Passive Detection)
  27. | Confidence: 100%
  28. | Confirmed By:
  29. | - Link Tag (Passive Detection), 30% confidence
  30. | - Direct Access (Aggressive Detection), 100% confidence
  31. | References:
  32. | - http://codex.wordpress.org/XML-RPC_Pingback_API
  33. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
  34. | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
  35. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
  36. | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
  37.  
  38. [+] http://wpdistillery.vm/readme.html
  39. | Found By: Direct Access (Aggressive Detection)
  40. | Confidence: 100%
  41.  
  42. [+] Upload directory has listing enabled: http://wpdistillery.vm/wp-content/uploads/
  43. | Found By: Direct Access (Aggressive Detection)
  44. | Confidence: 100%
  45.  
  46. [+] http://wpdistillery.vm/wp-cron.php
  47. | Found By: Direct Access (Aggressive Detection)
  48. | Confidence: 60%
  49. | References:
  50. | - https://www.iplocation.net/defend-wordpress-from-ddos
  51. | - https://github.com/wpscanteam/wpscan/issues/1299
  52.  
  53. [+] WordPress version 4.2 identified (Insecure, released on 2015-04-23).
  54. | Detected By: Emoji Settings (Passive Detection)
  55. | - http://wpdistillery.vm/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=4.2'
  56. | Confirmed By: Meta Generator (Passive Detection)
  57. | - http://wpdistillery.vm/, Match: 'WordPress 4.2'
  58. |
  59. | [!] 72 vulnerabilities identified:
  60. |
  61. | [!] Title: WordPress <= 4.2 - Unauthenticated Stored Cross-Site Scripting (XSS)
  62. | Fixed in: 4.2.1
  63. | References:
  64. | - https://wpvulndb.com/vulnerabilities/7945
  65. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3440
  66. | - https://www.exploit-db.com/exploits/36844/
  67. | - http://klikki.fi/adv/wordpress2.html
  68. | - https://packetstormsecurity.com/files/131644/
  69. |
  70. | [!] Title: WordPress 4.1-4.2.1 - Unauthenticated Genericons Cross-Site Scripting (XSS)
  71. | Fixed in: 4.2.2
  72. | References:
  73. | - https://wpvulndb.com/vulnerabilities/7979
  74. | - https://codex.wordpress.org/Version_4.2.2
  75. |
  76. | [!] Title: WordPress <= 4.2.2 - Authenticated Stored Cross-Site Scripting (XSS)
  77. | Fixed in: 4.2.3
  78. | References:
  79. | - https://wpvulndb.com/vulnerabilities/8111
  80. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5622
  81. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5623
  82. | - https://wordpress.org/news/2015/07/wordpress-4-2-3/
  83. | - https://twitter.com/klikkioy/status/624264122570526720
  84. | - https://klikki.fi/adv/wordpress3.html
  85. |
  86. | [!] Title: WordPress <= 4.2.3 - wp_untrash_post_comments SQL Injection
  87. | Fixed in: 4.2.4
  88. | References:
  89. | - https://wpvulndb.com/vulnerabilities/8126
  90. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2213
  91. | - https://github.com/WordPress/WordPress/commit/70128fe7605cb963a46815cf91b0a5934f70eff5
  92. |
  93. | [!] Title: WordPress <= 4.2.3 - Timing Side Channel Attack
  94. | Fixed in: 4.2.4
  95. | References:
  96. | - https://wpvulndb.com/vulnerabilities/8130
  97. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5730
  98. | - https://core.trac.wordpress.org/changeset/33536
  99. |
  100. | [!] Title: WordPress <= 4.2.3 - Widgets Title Cross-Site Scripting (XSS)
  101. | Fixed in: 4.2.4
  102. | References:
  103. | - https://wpvulndb.com/vulnerabilities/8131
  104. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5732
  105. | - https://core.trac.wordpress.org/changeset/33529
  106. |
  107. | [!] Title: WordPress <= 4.2.3 - Nav Menu Title Cross-Site Scripting (XSS)
  108. | Fixed in: 4.2.4
  109. | References:
  110. | - https://wpvulndb.com/vulnerabilities/8132
  111. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5733
  112. | - https://core.trac.wordpress.org/changeset/33541
  113. |
  114. | [!] Title: WordPress <= 4.2.3 - Legacy Theme Preview Cross-Site Scripting (XSS)
  115. | Fixed in: 4.2.4
  116. | References:
  117. | - https://wpvulndb.com/vulnerabilities/8133
  118. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5734
  119. | - https://core.trac.wordpress.org/changeset/33549
  120. | - https://blog.sucuri.net/2015/08/persistent-xss-vulnerability-in-wordpress-explained.html
  121. |
  122. | [!] Title: WordPress <= 4.3 - Authenticated Shortcode Tags Cross-Site Scripting (XSS)
  123. | Fixed in: 4.2.5
  124. | References:
  125. | - https://wpvulndb.com/vulnerabilities/8186
  126. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5714
  127. | - https://wordpress.org/news/2015/09/wordpress-4-3-1/
  128. | - http://blog.checkpoint.com/2015/09/15/finding-vulnerabilities-in-core-wordpress-a-bug-hunters-trilogy-part-iii-ultimatum/
  129. | - http://blog.knownsec.com/2015/09/wordpress-vulnerability-analysis-cve-2015-5714-cve-2015-5715/
  130. |
  131. | [!] Title: WordPress <= 4.3 - User List Table Cross-Site Scripting (XSS)
  132. | Fixed in: 4.2.5
  133. | References:
  134. | - https://wpvulndb.com/vulnerabilities/8187
  135. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7989
  136. | - https://wordpress.org/news/2015/09/wordpress-4-3-1/
  137. | - https://github.com/WordPress/WordPress/commit/f91a5fd10ea7245e5b41e288624819a37adf290a
  138. |
  139. | [!] Title: WordPress <= 4.3 - Publish Post & Mark as Sticky Permission Issue
  140. | Fixed in: 4.2.5
  141. | References:
  142. | - https://wpvulndb.com/vulnerabilities/8188
  143. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5715
  144. | - https://wordpress.org/news/2015/09/wordpress-4-3-1/
  145. | - http://blog.checkpoint.com/2015/09/15/finding-vulnerabilities-in-core-wordpress-a-bug-hunters-trilogy-part-iii-ultimatum/
  146. | - http://blog.knownsec.com/2015/09/wordpress-vulnerability-analysis-cve-2015-5714-cve-2015-5715/
  147. |
  148. | [!] Title: WordPress 3.7-4.4 - Authenticated Cross-Site Scripting (XSS)
  149. | Fixed in: 4.2.6
  150. | References:
  151. | - https://wpvulndb.com/vulnerabilities/8358
  152. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1564
  153. | - https://wordpress.org/news/2016/01/wordpress-4-4-1-security-and-maintenance-release/
  154. | - https://github.com/WordPress/WordPress/commit/7ab65139c6838910426567849c7abed723932b87
  155. |
  156. | [!] Title: WordPress 3.7-4.4.1 - Local URIs Server Side Request Forgery (SSRF)
  157. | Fixed in: 4.2.7
  158. | References:
  159. | - https://wpvulndb.com/vulnerabilities/8376
  160. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2222
  161. | - https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
  162. | - https://core.trac.wordpress.org/changeset/36435
  163. | - https://hackerone.com/reports/110801
  164. |
  165. | [!] Title: WordPress 3.7-4.4.1 - Open Redirect
  166. | Fixed in: 4.2.7
  167. | References:
  168. | - https://wpvulndb.com/vulnerabilities/8377
  169. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2221
  170. | - https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
  171. | - https://core.trac.wordpress.org/changeset/36444
  172. |
  173. | [!] Title: WordPress <= 4.4.2 - SSRF Bypass using Octal & Hexedecimal IP addresses
  174. | Fixed in: 4.5
  175. | References:
  176. | - https://wpvulndb.com/vulnerabilities/8473
  177. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4029
  178. | - https://codex.wordpress.org/Version_4.5
  179. | - https://github.com/WordPress/WordPress/commit/af9f0520875eda686fd13a427fd3914d7aded049
  180. |
  181. | [!] Title: WordPress <= 4.4.2 - Reflected XSS in Network Settings
  182. | Fixed in: 4.5
  183. | References:
  184. | - https://wpvulndb.com/vulnerabilities/8474
  185. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6634
  186. | - https://codex.wordpress.org/Version_4.5
  187. | - https://github.com/WordPress/WordPress/commit/cb2b3ed3c7d68f6505bfb5c90257e6aaa3e5fcb9
  188. |
  189. | [!] Title: WordPress <= 4.4.2 - Script Compression Option CSRF
  190. | Fixed in: 4.5
  191. | References:
  192. | - https://wpvulndb.com/vulnerabilities/8475
  193. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6635
  194. | - https://codex.wordpress.org/Version_4.5
  195. |
  196. | [!] Title: WordPress 4.2-4.5.1 - MediaElement.js Reflected Cross-Site Scripting (XSS)
  197. | Fixed in: 4.5.2
  198. | References:
  199. | - https://wpvulndb.com/vulnerabilities/8488
  200. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4567
  201. | - https://wordpress.org/news/2016/05/wordpress-4-5-2/
  202. | - https://github.com/WordPress/WordPress/commit/a493dc0ab5819c8b831173185f1334b7c3e02e36
  203. | - https://gist.github.com/cure53/df34ea68c26441f3ae98f821ba1feb9c
  204. |
  205. | [!] Title: WordPress <= 4.5.1 - Pupload Same Origin Method Execution (SOME)
  206. | Fixed in: 4.2.8
  207. | References:
  208. | - https://wpvulndb.com/vulnerabilities/8489
  209. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4566
  210. | - https://wordpress.org/news/2016/05/wordpress-4-5-2/
  211. | - https://github.com/WordPress/WordPress/commit/c33e975f46a18f5ad611cf7e7c24398948cecef8
  212. | - https://gist.github.com/cure53/09a81530a44f6b8173f545accc9ed07e
  213. |
  214. | [!] Title: WordPress 4.2-4.5.2 - Authenticated Attachment Name Stored XSS
  215. | Fixed in: 4.2.9
  216. | References:
  217. | - https://wpvulndb.com/vulnerabilities/8518
  218. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5833
  219. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5834
  220. | - https://wordpress.org/news/2016/06/wordpress-4-5-3/
  221. | - https://github.com/WordPress/WordPress/commit/4372cdf45d0f49c74bbd4d60db7281de83e32648
  222. |
  223. | [!] Title: WordPress 3.6-4.5.2 - Authenticated Revision History Information Disclosure
  224. | Fixed in: 4.2.9
  225. | References:
  226. | - https://wpvulndb.com/vulnerabilities/8519
  227. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5835
  228. | - https://wordpress.org/news/2016/06/wordpress-4-5-3/
  229. | - https://github.com/WordPress/WordPress/commit/a2904cc3092c391ac7027bc87f7806953d1a25a1
  230. | - https://www.wordfence.com/blog/2016/06/wordpress-core-vulnerability-bypass-password-protected-posts/
  231. |
  232. | [!] Title: WordPress 2.6.0-4.5.2 - Unauthorized Category Removal from Post
  233. | Fixed in: 4.2.9
  234. | References:
  235. | - https://wpvulndb.com/vulnerabilities/8520
  236. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5837
  237. | - https://wordpress.org/news/2016/06/wordpress-4-5-3/
  238. | - https://github.com/WordPress/WordPress/commit/6d05c7521baa980c4efec411feca5e7fab6f307c
  239. |
  240. | [!] Title: WordPress 2.5-4.6 - Authenticated Stored Cross-Site Scripting via Image Filename
  241. | Fixed in: 4.2.10
  242. | References:
  243. | - https://wpvulndb.com/vulnerabilities/8615
  244. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7168
  245. | - https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
  246. | - https://github.com/WordPress/WordPress/commit/c9e60dab176635d4bfaaf431c0ea891e4726d6e0
  247. | - https://sumofpwn.nl/advisory/2016/persistent_cross_site_scripting_vulnerability_in_wordpress_due_to_unsafe_processing_of_file_names.html
  248. | - https://seclists.org/fulldisclosure/2016/Sep/6
  249. |
  250. | [!] Title: WordPress 2.8-4.6 - Path Traversal in Upgrade Package Uploader
  251. | Fixed in: 4.2.10
  252. | References:
  253. | - https://wpvulndb.com/vulnerabilities/8616
  254. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7169
  255. | - https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/
  256. | - https://github.com/WordPress/WordPress/commit/54720a14d85bc1197ded7cb09bd3ea790caa0b6e
  257. |
  258. | [!] Title: WordPress 2.9-4.7 - Authenticated Cross-Site scripting (XSS) in update-core.php
  259. | Fixed in: 4.2.11
  260. | References:
  261. | - https://wpvulndb.com/vulnerabilities/8716
  262. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5488
  263. | - https://github.com/WordPress/WordPress/blob/c9ea1de1441bb3bda133bf72d513ca9de66566c2/wp-admin/update-core.php
  264. | - https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  265. |
  266. | [!] Title: WordPress 3.4-4.7 - Stored Cross-Site Scripting (XSS) via Theme Name fallback
  267. | Fixed in: 4.2.11
  268. | References:
  269. | - https://wpvulndb.com/vulnerabilities/8718
  270. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5490
  271. | - https://www.mehmetince.net/low-severity-wordpress/
  272. | - https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  273. | - https://github.com/WordPress/WordPress/commit/ce7fb2934dd111e6353784852de8aea2a938b359
  274. |
  275. | [!] Title: WordPress <= 4.7 - Post via Email Checks mail.example.com by Default
  276. | Fixed in: 4.2.11
  277. | References:
  278. | - https://wpvulndb.com/vulnerabilities/8719
  279. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5491
  280. | - https://github.com/WordPress/WordPress/commit/061e8788814ac87706d8b95688df276fe3c8596a
  281. | - https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  282. |
  283. | [!] Title: WordPress 2.8-4.7 - Accessibility Mode Cross-Site Request Forgery (CSRF)
  284. | Fixed in: 4.2.11
  285. | References:
  286. | - https://wpvulndb.com/vulnerabilities/8720
  287. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5492
  288. | - https://github.com/WordPress/WordPress/commit/03e5c0314aeffe6b27f4b98fef842bf0fb00c733
  289. | - https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  290. |
  291. | [!] Title: WordPress 3.0-4.7 - Cryptographically Weak Pseudo-Random Number Generator (PRNG)
  292. | Fixed in: 4.2.11
  293. | References:
  294. | - https://wpvulndb.com/vulnerabilities/8721
  295. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5493
  296. | - https://github.com/WordPress/WordPress/commit/cea9e2dc62abf777e06b12ec4ad9d1aaa49b29f4
  297. | - https://wordpress.org/news/2017/01/wordpress-4-7-1-security-and-maintenance-release/
  298. |
  299. | [!] Title: WordPress 4.2.0-4.7.1 - Press This UI Available to Unauthorised Users
  300. | Fixed in: 4.2.12
  301. | References:
  302. | - https://wpvulndb.com/vulnerabilities/8729
  303. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5610
  304. | - https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
  305. | - https://github.com/WordPress/WordPress/commit/21264a31e0849e6ff793a06a17de877dd88ea454
  306. |
  307. | [!] Title: WordPress 3.5-4.7.1 - WP_Query SQL Injection
  308. | Fixed in: 4.2.12
  309. | References:
  310. | - https://wpvulndb.com/vulnerabilities/8730
  311. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5611
  312. | - https://wordpress.org/news/2017/01/wordpress-4-7-2-security-release/
  313. | - https://github.com/WordPress/WordPress/commit/85384297a60900004e27e417eac56d24267054cb
  314. |
  315. | [!] Title: WordPress 3.6.0-4.7.2 - Authenticated Cross-Site Scripting (XSS) via Media File Metadata
  316. | Fixed in: 4.2.13
  317. | References:
  318. | - https://wpvulndb.com/vulnerabilities/8765
  319. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6814
  320. | - https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
  321. | - https://github.com/WordPress/WordPress/commit/28f838ca3ee205b6f39cd2bf23eb4e5f52796bd7
  322. | - https://sumofpwn.nl/advisory/2016/wordpress_audio_playlist_functionality_is_affected_by_cross_site_scripting.html
  323. | - https://seclists.org/oss-sec/2017/q1/563
  324. |
  325. | [!] Title: WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation
  326. | Fixed in: 4.2.13
  327. | References:
  328. | - https://wpvulndb.com/vulnerabilities/8766
  329. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6815
  330. | - https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
  331. | - https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e
  332. |
  333. | [!] Title: WordPress 4.0-4.7.2 - Authenticated Stored Cross-Site Scripting (XSS) in YouTube URL Embeds
  334. | Fixed in: 4.2.13
  335. | References:
  336. | - https://wpvulndb.com/vulnerabilities/8768
  337. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6817
  338. | - https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
  339. | - https://github.com/WordPress/WordPress/commit/419c8d97ce8df7d5004ee0b566bc5e095f0a6ca8
  340. | - https://blog.sucuri.net/2017/03/stored-xss-in-wordpress-core.html
  341. |
  342. | [!] Title: WordPress 4.2-4.7.2 - Press This CSRF DoS
  343. | Fixed in: 4.2.13
  344. | References:
  345. | - https://wpvulndb.com/vulnerabilities/8770
  346. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6819
  347. | - https://wordpress.org/news/2017/03/wordpress-4-7-3-security-and-maintenance-release/
  348. | - https://github.com/WordPress/WordPress/commit/263831a72d08556bc2f3a328673d95301a152829
  349. | - https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_press_this_function_allows_dos.html
  350. | - https://seclists.org/oss-sec/2017/q1/562
  351. | - https://hackerone.com/reports/153093
  352. |
  353. | [!] Title: WordPress 2.3-4.8.3 - Host Header Injection in Password Reset
  354. | References:
  355. | - https://wpvulndb.com/vulnerabilities/8807
  356. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8295
  357. | - https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
  358. | - https://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
  359. | - https://core.trac.wordpress.org/ticket/25239
  360. |
  361. | [!] Title: WordPress 2.7.0-4.7.4 - Insufficient Redirect Validation
  362. | Fixed in: 4.2.15
  363. | References:
  364. | - https://wpvulndb.com/vulnerabilities/8815
  365. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9066
  366. | - https://github.com/WordPress/WordPress/commit/76d77e927bb4d0f87c7262a50e28d84e01fd2b11
  367. | - https://wordpress.org/news/2017/05/wordpress-4-7-5/
  368. |
  369. | [!] Title: WordPress 2.5.0-4.7.4 - Post Meta Data Values Improper Handling in XML-RPC
  370. | Fixed in: 4.2.15
  371. | References:
  372. | - https://wpvulndb.com/vulnerabilities/8816
  373. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9062
  374. | - https://wordpress.org/news/2017/05/wordpress-4-7-5/
  375. | - https://github.com/WordPress/WordPress/commit/3d95e3ae816f4d7c638f40d3e936a4be19724381
  376. |
  377. | [!] Title: WordPress 3.4.0-4.7.4 - XML-RPC Post Meta Data Lack of Capability Checks
  378. | Fixed in: 4.2.15
  379. | References:
  380. | - https://wpvulndb.com/vulnerabilities/8817
  381. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9065
  382. | - https://wordpress.org/news/2017/05/wordpress-4-7-5/
  383. | - https://github.com/WordPress/WordPress/commit/e88a48a066ab2200ce3091b131d43e2fab2460a4
  384. |
  385. | [!] Title: WordPress 2.5.0-4.7.4 - Filesystem Credentials Dialog CSRF
  386. | Fixed in: 4.2.15
  387. | References:
  388. | - https://wpvulndb.com/vulnerabilities/8818
  389. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9064
  390. | - https://wordpress.org/news/2017/05/wordpress-4-7-5/
  391. | - https://github.com/WordPress/WordPress/commit/38347d7c580be4cdd8476e4bbc653d5c79ed9b67
  392. | - https://sumofpwn.nl/advisory/2016/cross_site_request_forgery_in_wordpress_connection_information.html
  393. |
  394. | [!] Title: WordPress 3.3-4.7.4 - Large File Upload Error XSS
  395. | Fixed in: 4.2.15
  396. | References:
  397. | - https://wpvulndb.com/vulnerabilities/8819
  398. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9061
  399. | - https://wordpress.org/news/2017/05/wordpress-4-7-5/
  400. | - https://github.com/WordPress/WordPress/commit/8c7ea71edbbffca5d9766b7bea7c7f3722ffafa6
  401. | - https://hackerone.com/reports/203515
  402. | - https://hackerone.com/reports/203515
  403. |
  404. | [!] Title: WordPress 3.4.0-4.7.4 - Customizer XSS & CSRF
  405. | Fixed in: 4.2.15
  406. | References:
  407. | - https://wpvulndb.com/vulnerabilities/8820
  408. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9063
  409. | - https://wordpress.org/news/2017/05/wordpress-4-7-5/
  410. | - https://github.com/WordPress/WordPress/commit/3d10fef22d788f29aed745b0f5ff6f6baea69af3
  411. |
  412. | [!] Title: WordPress 2.3.0-4.8.1 - $wpdb->prepare() potential SQL Injection
  413. | Fixed in: 4.2.16
  414. | References:
  415. | - https://wpvulndb.com/vulnerabilities/8905
  416. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14723
  417. | - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  418. | - https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
  419. | - https://github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec
  420. |
  421. | [!] Title: WordPress 2.3.0-4.7.4 - Authenticated SQL injection
  422. | Fixed in: 4.7.5
  423. | References:
  424. | - https://wpvulndb.com/vulnerabilities/8906
  425. | - https://medium.com/websec/wordpress-sqli-bbb2afcc8e94
  426. | - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  427. | - https://github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48
  428. | - https://wpvulndb.com/vulnerabilities/8905
  429. |
  430. | [!] Title: WordPress 2.9.2-4.8.1 - Open Redirect
  431. | Fixed in: 4.2.16
  432. | References:
  433. | - https://wpvulndb.com/vulnerabilities/8910
  434. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14725
  435. | - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  436. | - https://core.trac.wordpress.org/changeset/41398
  437. |
  438. | [!] Title: WordPress 3.0-4.8.1 - Path Traversal in Unzipping
  439. | Fixed in: 4.2.16
  440. | References:
  441. | - https://wpvulndb.com/vulnerabilities/8911
  442. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14719
  443. | - https://wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/
  444. | - https://core.trac.wordpress.org/changeset/41457
  445. |
  446. | [!] Title: WordPress <= 4.8.2 - $wpdb->prepare() Weakness
  447. | Fixed in: 4.2.17
  448. | References:
  449. | - https://wpvulndb.com/vulnerabilities/8941
  450. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16510
  451. | - https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/
  452. | - https://github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d
  453. | - https://twitter.com/ircmaxell/status/923662170092638208
  454. | - https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html
  455. |
  456. | [!] Title: WordPress 2.8.6-4.9 - Authenticated JavaScript File Upload
  457. | Fixed in: 4.2.18
  458. | References:
  459. | - https://wpvulndb.com/vulnerabilities/8966
  460. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092
  461. | - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  462. | - https://github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509
  463. |
  464. | [!] Title: WordPress 1.5.0-4.9 - RSS and Atom Feed Escaping
  465. | Fixed in: 4.2.18
  466. | References:
  467. | - https://wpvulndb.com/vulnerabilities/8967
  468. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094
  469. | - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  470. | - https://github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de
  471. |
  472. | [!] Title: WordPress 3.7-4.9 - 'newbloguser' Key Weak Hashing
  473. | Fixed in: 4.2.18
  474. | References:
  475. | - https://wpvulndb.com/vulnerabilities/8969
  476. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091
  477. | - https://wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/
  478. | - https://github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c
  479. |
  480. | [!] Title: WordPress 3.7-4.9.1 - MediaElement Cross-Site Scripting (XSS)
  481. | Fixed in: 4.9.2
  482. | References:
  483. | - https://wpvulndb.com/vulnerabilities/9006
  484. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5776
  485. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9263
  486. | - https://github.com/WordPress/WordPress/commit/3fe9cb61ee71fcfadb5e002399296fcc1198d850
  487. | - https://wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/
  488. | - https://core.trac.wordpress.org/ticket/42720
  489. |
  490. | [!] Title: WordPress <= 4.9.4 - Application Denial of Service (DoS) (unpatched)
  491. | References:
  492. | - https://wpvulndb.com/vulnerabilities/9021
  493. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389
  494. | - https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
  495. | - https://github.com/quitten/doser.py
  496. | - https://thehackernews.com/2018/02/wordpress-dos-exploit.html
  497. |
  498. | [!] Title: WordPress 3.7-4.9.4 - Remove localhost Default
  499. | Fixed in: 4.2.20
  500. | References:
  501. | - https://wpvulndb.com/vulnerabilities/9053
  502. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10101
  503. | - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  504. | - https://github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216
  505. |
  506. | [!] Title: WordPress 3.7-4.9.4 - Use Safe Redirect for Login
  507. | Fixed in: 4.2.20
  508. | References:
  509. | - https://wpvulndb.com/vulnerabilities/9054
  510. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10100
  511. | - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  512. | - https://github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e
  513. |
  514. | [!] Title: WordPress 3.7-4.9.4 - Escape Version in Generator Tag
  515. | Fixed in: 4.2.20
  516. | References:
  517. | - https://wpvulndb.com/vulnerabilities/9055
  518. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10102
  519. | - https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/
  520. | - https://github.com/WordPress/WordPress/commit/31a4369366d6b8ce30045d4c838de2412c77850d
  521. |
  522. | [!] Title: WordPress <= 4.9.6 - Authenticated Arbitrary File Deletion
  523. | Fixed in: 4.2.21
  524. | References:
  525. | - https://wpvulndb.com/vulnerabilities/9100
  526. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12895
  527. | - https://blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/
  528. | - http://blog.vulnspy.com/2018/06/27/Wordpress-4-9-6-Arbitrary-File-Delection-Vulnerbility-Exploit/
  529. | - https://github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd
  530. | - https://wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance-release/
  531. | - https://www.wordfence.com/blog/2018/07/details-of-an-additional-file-deletion-vulnerability-patched-in-wordpress-4-9-7/
  532. |
  533. | [!] Title: WordPress <= 5.0 - Authenticated File Delete
  534. | Fixed in: 4.2.22
  535. | References:
  536. | - https://wpvulndb.com/vulnerabilities/9169
  537. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20147
  538. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  539. |
  540. | [!] Title: WordPress <= 5.0 - Authenticated Post Type Bypass
  541. | Fixed in: 4.2.22
  542. | References:
  543. | - https://wpvulndb.com/vulnerabilities/9170
  544. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20152
  545. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  546. | - https://blog.ripstech.com/2018/wordpress-post-type-privilege-escalation/
  547. |
  548. | [!] Title: WordPress <= 5.0 - PHP Object Injection via Meta Data
  549. | Fixed in: 4.2.22
  550. | References:
  551. | - https://wpvulndb.com/vulnerabilities/9171
  552. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20148
  553. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  554. |
  555. | [!] Title: WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS)
  556. | Fixed in: 4.2.22
  557. | References:
  558. | - https://wpvulndb.com/vulnerabilities/9172
  559. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20153
  560. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  561. |
  562. | [!] Title: WordPress <= 5.0 - Cross-Site Scripting (XSS) that could affect plugins
  563. | Fixed in: 4.2.22
  564. | References:
  565. | - https://wpvulndb.com/vulnerabilities/9173
  566. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20150
  567. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  568. | - https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
  569. |
  570. | [!] Title: WordPress <= 5.0 - User Activation Screen Search Engine Indexing
  571. | Fixed in: 4.2.22
  572. | References:
  573. | - https://wpvulndb.com/vulnerabilities/9174
  574. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20151
  575. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  576. |
  577. | [!] Title: WordPress <= 5.0 - File Upload to XSS on Apache Web Servers
  578. | Fixed in: 4.2.22
  579. | References:
  580. | - https://wpvulndb.com/vulnerabilities/9175
  581. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20149
  582. | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
  583. | - https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
  584. |
  585. | [!] Title: WordPress 3.7-5.0 (except 4.9.9) - Authenticated Code Execution
  586. | Fixed in: 5.0.1
  587. | References:
  588. | - https://wpvulndb.com/vulnerabilities/9222
  589. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8942
  590. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8943
  591. | - https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
  592. | - https://www.rapid7.com/db/modules/exploit/multi/http/wp_crop_rce
  593. |
  594. | [!] Title: WordPress 3.9-5.1 - Comment Cross-Site Scripting (XSS)
  595. | Fixed in: 4.2.23
  596. | References:
  597. | - https://wpvulndb.com/vulnerabilities/9230
  598. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9787
  599. | - https://github.com/WordPress/WordPress/commit/0292de60ec78c5a44956765189403654fe4d080b
  600. | - https://wordpress.org/news/2019/03/wordpress-5-1-1-security-and-maintenance-release/
  601. | - https://blog.ripstech.com/2019/wordpress-csrf-to-rce/
  602. |
  603. | [!] Title: WordPress <= 5.2.2 - Cross-Site Scripting (XSS) in URL Sanitisation
  604. | Fixed in: 4.2.24
  605. | References:
  606. | - https://wpvulndb.com/vulnerabilities/9867
  607. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16222
  608. | - https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/
  609. | - https://github.com/WordPress/WordPress/commit/30ac67579559fe42251b5a9f887211bf61a8ed68
  610. | - https://hackerone.com/reports/339483
  611. |
  612. | [!] Title: WordPress <= 5.2.3 - Stored XSS in Customizer
  613. | Fixed in: 4.2.25
  614. | References:
  615. | - https://wpvulndb.com/vulnerabilities/9908
  616. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17674
  617. | - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  618. | - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  619. |
  620. | [!] Title: WordPress <= 5.2.3 - Unauthenticated View Private/Draft Posts
  621. | Fixed in: 4.2.25
  622. | References:
  623. | - https://wpvulndb.com/vulnerabilities/9909
  624. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17671
  625. | - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  626. | - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  627. | - https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308
  628. | - https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/
  629. |
  630. | [!] Title: WordPress <= 5.2.3 - Stored XSS in Style Tags
  631. | Fixed in: 4.2.25
  632. | References:
  633. | - https://wpvulndb.com/vulnerabilities/9910
  634. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17672
  635. | - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  636. | - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  637. |
  638. | [!] Title: WordPress <= 5.2.3 - JSON Request Cache Poisoning
  639. | Fixed in: 4.2.25
  640. | References:
  641. | - https://wpvulndb.com/vulnerabilities/9911
  642. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17673
  643. | - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  644. | - https://github.com/WordPress/WordPress/commit/b224c251adfa16a5f84074a3c0886270c9df38de
  645. | - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  646. |
  647. | [!] Title: WordPress <= 5.2.3 - Server-Side Request Forgery (SSRF) in URL Validation
  648. | Fixed in: 4.2.25
  649. | References:
  650. | - https://wpvulndb.com/vulnerabilities/9912
  651. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17669
  652. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17670
  653. | - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  654. | - https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2
  655. | - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  656. |
  657. | [!] Title: WordPress <= 5.2.3 - Admin Referrer Validation
  658. | Fixed in: 4.2.25
  659. | References:
  660. | - https://wpvulndb.com/vulnerabilities/9913
  661. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17675
  662. | - https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
  663. | - https://github.com/WordPress/WordPress/commit/b183fd1cca0b44a92f0264823dd9f22d2fd8b8d0
  664. | - https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
  665.  
  666. [+] WordPress theme in use: twentyfourteen
  667. | Location: http://wpdistillery.vm/wp-content/themes/twentyfourteen/
  668. | Last Updated: 2019-05-07T00:00:00.000Z
  669. | [!] The version is out of date, the latest version is 2.7
  670. | Style URL: http://wpdistillery.vm/wp-content/themes/twentyfourteen/style.css?ver=4.2
  671. | Style Name: Twenty Fourteen
  672. | Style URI: https://wordpress.org/themes/twentyfourteen/
  673. | Description: In 2014, our default theme lets you create a responsive magazine website with a sleek, modern design...
  674. | Author: the WordPress team
  675. | Author URI: https://wordpress.org/
  676. |
  677. | Detected By: Css Style (Passive Detection)
  678. |
  679. | Version: 1.4 (80% confidence)
  680. | Detected By: Style (Passive Detection)
  681. | - http://wpdistillery.vm/wp-content/themes/twentyfourteen/style.css?ver=4.2, Match: 'Version: 1.4'
  682.  
  683. [+] Enumerating All Plugins (via Passive Methods)
  684. [+] Checking Plugin Versions (via Passive and Aggressive Methods)
  685.  
  686. [i] Plugin(s) Identified:
  687.  
  688. [+] foxyshop
  689. | Location: http://wpdistillery.vm/wp-content/plugins/foxyshop/
  690. | Last Updated: 2018-12-11T02:18:00.000Z
  691. | [!] The version is out of date, the latest version is 4.7.4
  692. |
  693. | Detected By: Urls In Homepage (Passive Detection)
  694. |
  695. | [!] 1 vulnerability identified:
  696. |
  697. | [!] Title: Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scripting (XSS)
  698. | Fixed in: 4.6.1
  699. | References:
  700. | - https://wpvulndb.com/vulnerabilities/7985
  701. | - https://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto
  702. | - https://github.com/scaron/prettyphoto/issues/149
  703. | - https://github.com/wpscanteam/wpscan/issues/818
  704. |
  705. | Version: 4.6 (100% confidence)
  706. | Detected By: Query Parameter (Passive Detection)
  707. | - http://wpdistillery.vm/wp-content/plugins/foxyshop/css/foxyshop.css?ver=4.6
  708. | Confirmed By:
  709. | Readme - Stable Tag (Aggressive Detection)
  710. | - http://wpdistillery.vm/wp-content/plugins/foxyshop/readme.txt
  711. | Readme - ChangeLog Section (Aggressive Detection)
  712. | - http://wpdistillery.vm/wp-content/plugins/foxyshop/readme.txt
  713.  
  714. [+] reflex-gallery
  715. | Location: http://wpdistillery.vm/wp-content/plugins/reflex-gallery/
  716. | Last Updated: 2019-05-10T16:05:00.000Z
  717. | [!] The version is out of date, the latest version is 3.1.7
  718. |
  719. | Detected By: Urls In Homepage (Passive Detection)
  720. |
  721. | [!] 2 vulnerabilities identified:
  722. |
  723. | [!] Title: Reflex Gallery <= 3.1.3 - Arbitrary File Upload
  724. | Fixed in: 3.1.4
  725. | References:
  726. | - https://wpvulndb.com/vulnerabilities/7867
  727. | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4133
  728. | - https://www.exploit-db.com/exploits/36374/
  729. | - https://packetstormsecurity.com/files/130845/
  730. | - https://packetstormsecurity.com/files/131515/
  731. | - https://www.rapid7.com/db/modules/exploit/unix/webapp/wp_reflexgallery_file_upload
  732. |
  733. | [!] Title: Multiple Plugins - jQuery prettyPhoto DOM Cross-Site Scripting (XSS)
  734. | Fixed in: 3.1.5
  735. | References:
  736. | - https://wpvulndb.com/vulnerabilities/7985
  737. | - https://blog.anantshri.info/forgotten_disclosure_dom_xss_prettyphoto
  738. | - https://github.com/scaron/prettyphoto/issues/149
  739. | - https://github.com/wpscanteam/wpscan/issues/818
  740. |
  741. | Version: 3.1.3 (80% confidence)
  742. | Detected By: Readme - Stable Tag (Aggressive Detection)
  743. | - http://wpdistillery.vm/wp-content/plugins/reflex-gallery/readme.txt
  744.  
  745. [+] wp-google-places-review-slider
  746. | Location: http://wpdistillery.vm/wp-content/plugins/wp-google-places-review-slider/
  747. | Last Updated: 2019-10-28T15:44:00.000Z
  748. | [!] The version is out of date, the latest version is 6.2
  749. |
  750. | Detected By: Urls In Homepage (Passive Detection)
  751. |
  752. | [!] 1 vulnerability identified:
  753. |
  754. | [!] Title: WP Google Review Slider <= 6.1 - Authenticated SQL Injection
  755. | Fixed in: 6.2
  756. | Reference: https://wpvulndb.com/vulnerabilities/9933
  757. |
  758. | Version: 6.0 (100% confidence)
  759. | Detected By: Readme - Stable Tag (Aggressive Detection)
  760. | - http://wpdistillery.vm/wp-content/plugins/wp-google-places-review-slider/readme.txt
  761. | Confirmed By: Readme - ChangeLog Section (Aggressive Detection)
  762. | - http://wpdistillery.vm/wp-content/plugins/wp-google-places-review-slider/readme.txt