Dump of wpscan output

Home

#+BEGIN_EXAMPLE

$ wpscan –url zintis.net –api-token xLBReBlUMH3fsOHWGuawNfnQZe77qj6EU0pLgM7SAwg _ _ __ _ \ \ / / _ \ / ___| \ \ /\ / /| |) | (_ _ _ _ _ _ ® \ \/ \/ / | / \ \ / _|/ _` | ' \ \ \ / | | __) | (__| (_| | | | | \ \/ |_| |_____/ \___|\__,_|_| |_|

WordPress Security Scanner by the WPScan Team Version 3.8.15 Sponsored by Automattic - https://automattic.com/ @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart _

[+] URL: http://zintis.net/ [139.177.192.45] [+] Effective URL: https://zintis.net/ [+] Started: Thu May 27 13:10:41 2021

Interesting Finding(s):

[+] Headers

Interesting Entries:

- Server: Apache/2.4.37 (centos) OpenSSL/1.1.1g

- X-Powered-By: PHP/7.2.24

Found By: Headers (Passive Detection)

Confidence: 100%

[+] WordPress version 5.7.2 identified (Latest, released on 2021-05-12).

Found By: Rss Generator (Passive Detection)

- https://zintis.net/feed/, <generator>https://wordpress.org/?v=5.7.2</generator>

- https://zintis.net/comments/feed/, <generator>https://wordpress.org/?v=5.7.2</generator>

[+] WordPress theme in use: astra

Location: http://zintis.net/wp-content/themes/astra/

Latest Version: 3.4.6

Last Updated: 2021-05-24T00:00:00.000Z

Style URL: http://zintis.net/wp-content/themes/astra/style.css

Found By: Urls In Homepage (Passive Detection)

Confirmed By: Urls In 404 Page (Passive Detection)

The version could not be determined.

[+] Enumerating All Plugins (via Passive Methods) [+] Checking Plugin Versions (via Passive and Aggressive Methods)

[i] Plugin(s) Identified:

[+] elementor

Location: http://zintis.net/wp-content/plugins/elementor/

Latest Version: 3.2.3 (up to date)

Last Updated: 2021-05-26T18:02:00.000Z

Found By: Urls In Homepage (Passive Detection)

Version: 3.2.4 (20% confidence)

Found By: Query Parameter (Passive Detection)

- https://zintis.net/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.4

- https://zintis.net/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.4

[+] wpforms-lite

Location: http://zintis.net/wp-content/plugins/wpforms-lite/

Latest Version: 1.6.7

Last Updated: 2021-05-13T11:03:00.000Z

Found By: Urls In Homepage (Passive Detection)

[!] 4 vulnerabilities identified:

[!] Title: Contact Form by WPForms < 1.4.8 - Authenticated Stored Cross-Site Scripting (XSS)

Fixed in: 1.4.8

References:

- https://wpscan.com/vulnerability/0a50ad3d-6062-47d9-9602-bfded802200d

- https://www.ripstech.com/php-security-calendar-2018/

[!] Title: Contact Form by WPForms < 1.4.8.1 - Unauthenticated Cross-Site Scripting (XSS)

Fixed in: 1.4.8.1

References:

- https://wpscan.com/vulnerability/008f8eb8-0643-4e59-bd29-acdc1e6f7a06

- https://www.ripstech.com/php-security-calendar-2018/

- https://plugins.trac.wordpress.org/changeset/1935751/wpforms-lite

- https://demo.ripstech.com/issue/96/136/1/52191/details

[!] Title: Contact Form by WPForms < 1.5.9 - Authenticated Cross-Site Scripting (XSS)

Fixed in: 1.5.9

References:

- https://wpscan.com/vulnerability/0d5c51d8-a834-4680-9939-b6d37fd3d237

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10385

- https://www.exploit-db.com/exploits/48245/

- https://www.jinsonvarghese.com/stored-xss-vulnerability-found-in-wpforms-plugin/

- https://packetstormsecurity.com/files/156874/

- https://www.getastra.com/blog/911/plugin-exploit/stored-xss-vulnerability-found-in-wpforms-plugin/

[!] Title: Contact Form by WPForms < 1.6.0.2 - Authenticated Stored Cross-Site Scripting (XSS)

Fixed in: 1.6.0.2

References:

- https://wpscan.com/vulnerability/006047c3-2d46-4075-91fe-b55f4b7a4b06

- https://fortiguard.com/zeroday/FG-VD-20-063

- https://plugins.trac.wordpress.org/changeset/2309431/wpforms-lite/trunk/includes/admin/builder/panels/class-fields.php?old=2288506

The version could not be determined.

[+] Enumerating Config Backups (via Passive and Aggressive Methods) Checking Config Backups - Time: 00:00:00 <============================================================> (137 / 137) 100.00% Time: 00:00:00

[i] No Config Backups Found.

[+] WPScan DB API OK

Plan: free

Requests Done (during the scan): 4

Requests Remaining: 21

[+] Finished: Thu May 27 13:10:44 2021 [+] Requests Done: 145 [+] Cached Requests: 49 [+] Data Sent: 29.278 KB [+] Data Received: 99.063 KB [+] Memory used: 245.879 MB [+] Elapsed time: 00:00:03 /Users/zintis/eg[534]: