- Interesting Finding(s):
- [+] https://ajkerkotha.com/
- | Interesting Entries:
- | - Server: Apache
- | - X-Powered-By: PHP/7.1.18
- | Found By: Headers (Passive Detection)
- | Confidence: 100%
- [+] https://ajkerkotha.com/xmlrpc.php
- | Found By: Link Tag (Passive Detection)
- | Confidence: 100%
- | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
- | References:
- | - http://codex.wordpress.org/XML-RPC_Pingback_API
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
- | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
- | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
- [+] https://ajkerkotha.com/wp-content/backup-db/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 70%
- | Reference: https://github.com/wpscanteam/wpscan/issues/422
- [+] This site has 'Must Use Plugins': https://ajkerkotha.com/wp-content/mu-plugins/
- | Found By: Direct Access (Aggressive Detection)
- | Confidence: 80%
- | Reference: http://codex.wordpress.org/Must_Use_Plugins
- [+] WordPress version 5.0 identified (Insecure, released on 2018-12-06).
- | Detected By: Rss Generator (Passive Detection)
- | - https://ajkerkotha.com/?feed=rss2, <generator>https://wordpress.org/?v=5.0</generator>
- | - https://ajkerkotha.com/?feed=comments-rss2, <generator>https://wordpress.org/?v=5.0</generator>
- |
- | [!] 7 vulnerabilities identified:
- |
- | [!] Title: WordPress <= 5.0 - Authenticated File Delete
- | Fixed in: 5.0.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/9169
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20147
- | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- |
- | [!] Title: WordPress <= 5.0 - Authenticated Post Type Bypass
- | Fixed in: 5.0.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/9170
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20152
- | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- |
- | [!] Title: WordPress <= 5.0 - PHP Object Injection via Meta Data
- | Fixed in: 5.0.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/9171
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20148
- | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- |
- | [!] Title: WordPress <= 5.0 - Authenticated Cross-Site Scripting (XSS)
- | Fixed in: 5.0.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/9172
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20153
- | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- |
- | [!] Title: WordPress <= 5.0 - Cross-Site Scripting (XSS) that could affect plugins
- | Fixed in: 5.0.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/9173
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20150
- | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- | - https://github.com/WordPress/WordPress/commit/fb3c6ea0618fcb9a51d4f2c1940e9efcd4a2d460
- |
- | [!] Title: WordPress <= 5.0 - User Activation Screen Search Engine Indexing
- | Fixed in: 5.0.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/9174
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20151
- | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- |
- | [!] Title: WordPress <= 5.0 - File Upload to XSS on Apache Web Servers
- | Fixed in: 5.0.1
- | References:
- | - https://wpvulndb.com/vulnerabilities/9175
- | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20149
- | - https://wordpress.org/news/2018/12/wordpress-5-0-1-security-release/
- | - https://github.com/WordPress/WordPress/commit/246a70bdbfac3bd45ff71c7941deef1bb206b19a
- [+] WordPress theme in use: jnews
- | Location: https://ajkerkotha.com/wp-content/themes/jnews/
- | Readme: https://ajkerkotha.com/wp-content/themes/jnews/readme.txt
- | [!] An error log file has been found: https://ajkerkotha.com/wp-content/themes/jnews/error_log
- | Style URL: https://ajkerkotha.com/wp-content/themes/jnews/style.css?ver=1.2.2
- | Style Name: JNews
- | Style URI: http://themeforest.net
- | Description: JNews...
- | Author: Jegtheme
- | Author URI: http://jegtheme.com/
- |
- | Detected By: Css Style (Passive Detection)
- |
- | Version: 1.2.2 (80% confidence)
- | Detected By: Style (Passive Detection)
- | - https://ajkerkotha.com/wp-content/themes/jnews/style.css?ver=1.2.2, Match: 'Version: 1.2.2'