itsMe Posted June 18, 2019 Share Posted June 18, 2019 This is the hidden content, please Sign In or Sign Up Introduction WPScan is a free and automated black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. You can use it to remotely scan WordPress installations, to find vulnerabilities within the core version, plugins, and themes. It’s maintained by the WPScan Team. Features: Detects known vulnerabilities in the WordPress core, plugins and themes, Detects weak user’s credentials (usernames & passwords), Checks overall WordPress security (mis)configuration, Runs brute force penetration testings, WordPress Version enumeration (from generator meta tag), It can perform full server headers scanning, Also performs miscellaneous WordPress checks (directory used, theme names, custom dirs, etc.). It has vulnerability database, which is regularly updated. Cita Fixes an issue in Target#scope_url_pattern when the Target url was invalid according to PublicSuffix, such as an IPv6 address – #1341 Removes the vulnerabilities key from plugin and theme version, which was always empty, when using JSON output. Vulnerabilities are always at .vulnerabilities – #1344 Updated Dependencies This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts