Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- _______________________________________________________________
- __ _______ _____
- \ \ / / __ \ / ____|
- \ \ /\ / /| |__) | (___ ___ __ _ _ __ ®
- \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
- \ /\ / | | ____) | (__| (_| | | | |
- \/ \/ |_| |_____/ \___|\__,_|_| |_|
- WordPress Security Scanner by the WPScan Team
- Version 2.9.4
- Sponsored by Sucuri - https://sucuri.net
- @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_
- _______________________________________________________________
- [+] URL: https://wearechange.org/
- [+] Started: Wed Sep 5 02:35:01 2018
- [+] Interesting header: LINK: </wp-content/cache/minify/41aaf.js>; rel=preload; as=script
- [+] Interesting header: LINK: </wp-content/cache/minify/853fc.js>; rel=preload; as=script
- [+] Interesting header: LINK: </wp-content/cache/minify/1d222.js>; rel=preload; as=script
- [+] Interesting header: LINK: </wp-content/cache/minify/51398.js>; rel=preload; as=script
- [+] Interesting header: LINK: </wp-content/cache/minify/b575d.js>; rel=preload; as=script
- [+] Interesting header: LINK: </wp-content/cache/minify/e7cc1.js>; rel=preload; as=script
- [+] Interesting header: LINK: </wp-content/cache/minify/6ce07.js>; rel=preload; as=script
- [+] Interesting header: LINK: </wp-content/cache/minify/29e8b.js>; rel=preload; as=script
- [+] Interesting header: LINK: </wp-content/cache/minify/bb3b4.css>; rel=preload; as=style
- [+] Interesting header: LINK: </wp-content/cache/minify/cf0b0.css>; rel=preload; as=style
- [+] Interesting header: REFERRER-POLICY: same-origin
- [+] Interesting header: SERVER: nginx
- [+] Interesting header: STRICT-TRANSPORT-SECURITY: max-age=31536000
- [+] Interesting header: X-CONTENT-TYPE-OPTIONS: nosniff
- [+] Interesting header: X-FRAME-OPTIONS: SAMEORIGIN
- [+] Interesting header: X-POWERED-BY: W3 Total Cache/0.9.7
- [+] Interesting header: X-PROXY-CACHE: MISS
- [+] Interesting header: X-XSS-PROTECTION: 1; mode=block
- [+] robots.txt available under: https://wearechange.org/robots.txt [HTTP 200]
- [+] Interesting entry from robots.txt: https://wearechange.org/cgi-bin/ [HTTP 404]
- [+] Interesting entry from robots.txt: https://wearechange.org/search/ [HTTP 404]
- [+] Interesting entry from robots.txt: https://wearechange.org/tag/ [HTTP 301]
- [+] Interesting entry from robots.txt: https://wearechange.org/trackback/ [HTTP 404]
- [+] Interesting entry from robots.txt: https://wearechange.org/wp-content/gallery/ [HTTP 403]
- [+] Interesting entry from robots.txt: https://wearechange.org/wp-content/uploads/ [HTTP 403]
- [+] Interesting entry from robots.txt: https://wearechange.org/wp-content/uploads/pb_backupbuddy/ [HTTP 200]
- [+] Interesting entry from robots.txt: https://wearechange.org/wp-content/uploads/wc-logs/ [HTTP 403]
- [+] Interesting entry from robots.txt: https://wearechange.org/xmlrpc.php [HTTP 403]
- [+] Sitemap found: https://wearechange.org/robots.txt [HTTP 200]
- [+] Sitemap entry: https://wearechange.org/author-sitemap.xml [HTTP 200]
- [+] Sitemap entry: https://wearechange.org/page-sitemap.xml [HTTP 200]
- [+] Sitemap entry: https://wearechange.org/post-sitemap1.xml [HTTP 200]
- [+] Sitemap entry: https://wearechange.org/post-sitemap2.xml [HTTP 200]
- [+] Sitemap entry: https://wearechange.org/post-sitemap3.xml [HTTP 200]
- [+] Sitemap entry: https://wearechange.org/post-sitemap4.xml [HTTP 200]
- [+] Sitemap entry: https://wearechange.org/post-sitemap5.xml [HTTP 200]
- [+] Sitemap entry: https://wearechange.org/post-sitemap6.xml [HTTP 200]
- [+] Sitemap entry: https://wearechange.org/post-sitemap7.xml [HTTP 200]
- [+] Sitemap entry: https://wearechange.org/sitemap_index.xml [HTTP 200]
- [+] Found an RSS Feed: https://wearechange.org/feed/ [HTTP 403]
- [!] Missing Author field. Maybe non-standard WordPress RSS feed?
- [+] Enumerating WordPress version ...
- [+] WordPress version 4.9.8 (Released on 2018-08-02) identified from advanced fingerprinting
- [+] WordPress theme in use: Extra - v2.7.1
- [+] Name: Extra - v2.7.1
- | Location: https://wearechange.org/wp-content/themes/Extra/
- | Readme: https://wearechange.org/wp-content/themes/Extra/README.md
- | Changelog: https://wearechange.org/wp-content/themes/Extra/changelog.txt
- | Style URL: https://wearechange.org/wp-content/themes/Extra/style.css
- | Theme Name: Extra
- | Theme URI: http://www.elegantthemes.com/gallery/extra/
- | Description: Extra
- | Author: Elegant Themes
- | Author URI: http://www.elegantthemes.com
- [+] Enumerating plugins from passive detection ...
- | 10 plugins found:
- [+] Name: ajax-search-lite
- | Latest version: 4.7.16
- | Last updated: 2018-07-10T12:30:00.000Z
- | Location: https://wearechange.org/wp-content/plugins/ajax-search-lite/
- | Readme: https://wearechange.org/wp-content/plugins/ajax-search-lite/readme.md
- | Changelog: https://wearechange.org/wp-content/plugins/ajax-search-lite/changelog.md
- [!] We could not determine the version installed. All of the past known vulnerabilities will be output to allow you to do your own manual investigation.
- [!] Title: Ajax Search Lite <= 3.1 - Authenticated RCE
- Reference: https://wpvulndb.com/vulnerabilities/7858
- Reference: http://web.archive.org/web/20150619084745/http://research.evex.pw/?vuln=9
- [i] Fixed in: 3.11
- [+] Name: bloom
- | Latest version: 1.0.4
- | Last updated: 2016-04-14T16:53:00.000Z
- | Location: https://wearechange.org/wp-content/plugins/bloom/
- | Readme: https://wearechange.org/wp-content/plugins/bloom/readme.md
- | Changelog: https://wearechange.org/wp-content/plugins/bloom/changelog.txt
- [!] We could not determine the version installed. All of the past known vulnerabilities will be output to allow you to do your own manual investigation.
- [!] Title: ElegantThemes - Privilege Escalation
- Reference: https://wpvulndb.com/vulnerabilities/8394
- Reference: http://www.pritect.net/blog/elegant-themes-security-vulnerability
- Reference: http://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products
- [i] Fixed in: 1.1.1
- [+] Name: disqus-comment-system - v3.0.16
- | Latest version: 3.0.16 (up to date)
- | Last updated: 2018-05-25T18:25:00.000Z
- | Location: https://wearechange.org/wp-content/plugins/disqus-comment-system/
- | Readme: https://wearechange.org/wp-content/plugins/disqus-comment-system/README.txt
- | Changelog: https://wearechange.org/wp-content/plugins/disqus-comment-system/changelog.md
- [+] Name: disqus-recent-comments-widget
- | Latest version: 1.2
- | Last updated: 2014-09-22T01:54:00.000Z
- | Location: https://wearechange.org/wp-content/plugins/disqus-recent-comments-widget/
- | Readme: https://wearechange.org/wp-content/plugins/disqus-recent-comments-widget/readme.md
- | Changelog: https://wearechange.org/wp-content/plugins/disqus-recent-comments-widget/changelog.md
- [+] Name: divi-booster
- | Location: https://wearechange.org/wp-content/plugins/divi-booster/
- | Readme: https://wearechange.org/wp-content/plugins/divi-booster/readme.md
- | Changelog: https://wearechange.org/wp-content/plugins/divi-booster/changelog.md
- [+] Name: emember-extra-login-shortcodes
- | Location: https://wearechange.org/wp-content/plugins/emember-extra-login-shortcodes/
- | Readme: https://wearechange.org/wp-content/plugins/emember-extra-login-shortcodes/readme.md
- | Changelog: https://wearechange.org/wp-content/plugins/emember-extra-login-shortcodes/changelog.md
- [+] Name: instagram-feed - v1.9.1
- | Latest version: 1.9.1 (up to date)
- | Last updated: 2018-07-02T21:19:00.000Z
- | Location: https://wearechange.org/wp-content/plugins/instagram-feed/
- | Readme: https://wearechange.org/wp-content/plugins/instagram-feed/README.txt
- | Changelog: https://wearechange.org/wp-content/plugins/instagram-feed/changelog.md
- [+] Name: monarch
- | Location: https://wearechange.org/wp-content/plugins/monarch/
- | Readme: https://wearechange.org/wp-content/plugins/monarch/readme.md
- | Changelog: https://wearechange.org/wp-content/plugins/monarch/changelog.txt
- [!] We could not determine the version installed. All of the past known vulnerabilities will be output to allow you to do your own manual investigation.
- [!] Title: ElegantThemes - Privilege Escalation
- Reference: https://wpvulndb.com/vulnerabilities/8394
- Reference: http://www.pritect.net/blog/elegant-themes-security-vulnerability
- Reference: http://wptavern.com/critical-security-vulnerability-discovered-in-elegant-themes-products
- [i] Fixed in: 1.2.7
- [+] Name: wp-eMember
- | Location: https://wearechange.org/wp-content/plugins/wp-eMember/
- | Readme: https://wearechange.org/wp-content/plugins/wp-eMember/readme.md
- | Changelog: https://wearechange.org/wp-content/plugins/wp-eMember/changelog.md
- [+] Name: w3-total-cache - v0.9.7
- | Latest version: 0.9.7 (up to date)
- | Last updated: 2018-04-25T21:31:00.000Z
- | Location: https://wearechange.org/wp-content/plugins/w3-total-cache/
- | Readme: https://wearechange.org/wp-content/plugins/w3-total-cache/readme.md
- | Changelog: https://wearechange.org/wp-content/plugins/w3-total-cache/changelog.txt
- [+] Finished: Wed Sep 5 02:37:07 2018
- [+] Elapsed time: 00:02:06
- [+] Requests made: 163
- [+] Memory used: 143.781 MB
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement