Untitled By Guest on 12th October 2017 07:33:48 AM
oot@kali:~# wpscan --url http://orthodoxafrica.org
_______________________________________________________________
        __          _______   _____
        \ \        / /  __ \ / ____|
         \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|

        WordPress Security Scanner by the WPScan Team
                       Version 2.9.3
          Sponsored by Sucuri - https://sucuri.net
   @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
_______________________________________________________________

[i] It seems like you have not updated the database for some time.
[?] Do you want to update now? [Y]es [N]o [A]bort, default: [N]y
[i] Updating the Database ...
[i] Update completed.
[+] URL: http://orthodoxafrica.org/
[+] Started: Thu Oct 12 15:26:19 2017

[+] robots.txt available under: 'http://orthodoxafrica.org/robots.txt'
[!] The WordPress 'http://orthodoxafrica.org/readme.html' file exists exposing a version number
[+] Interesting header: LINK: <http://orthodoxafrica.org/wp-json/>; rel="https://api.w.org/", <http://orthodoxafrica.org/>; rel=shortlink
[+] Interesting header: SERVER: Apache

[+] WordPress version 4.8.2 (Released on 2017-09-19) identified from advanced fingerprinting, meta generator, links opml, stylesheets numbers
[!] 1 vulnerability identified from the version number

[!] Title: WordPress 2.3-4.8.2 - Host Header Injection in Password Reset
    Reference: https://wpvulndb.com/vulnerabilities/8807
    Reference: https://exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html
    Reference: http://blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html
    Reference: https://core.trac.wordpress.org/ticket/25239
    Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8295 ///

[+] WordPress theme in use: twentyseventeen - v1.3

[+] Name: twentyseventeen - v1.3
 |  Latest version: 1.3 (up to date)
 |  Last updated: 2017-06-08T00:00:00.000Z
 |  Location: http://orthodoxafrica.org/wp-content/themes/twentyseventeen/
 |  Readme: http://orthodoxafrica.org/wp-content/themes/twentyseventeen/README.txt
 |  Style URL: http://orthodoxafrica.org/wp-content/themes/twentyseventeen/style.css
 |  Theme Name: Twenty Seventeen
 |  Theme URI: https://wordpress.org/themes/twentyseventeen/
 |  Description: Twenty Seventeen brings your site to life with header video and immersive featured images. With a...
 |  Author: the WordPress team
 |  Author URI: https://wordpress.org/

[+] Enumerating plugins from passive detection ...
 | 9 plugins found:

[+] Name: cf7-polylang - v1.4.3
 |  Last updated: 2017-09-14T20:49:00.000Z
 |  Location: http://orthodoxafrica.org/wp-content/plugins/cf7-polylang/
 |  Readme: http://orthodoxafrica.org/wp-content/plugins/cf7-polylang/README.txt
[!] The version is out of date, the latest version is 1.4.6

[+] Name: contact-form-7 - v4.9
 |  Latest version: 4.9 (up to date)
 |  Last updated: 2017-08-18T06:07:00.000Z
 |  Location: http://orthodoxafrica.org/wp-content/plugins/contact-form-7/
 |  Readme: http://orthodoxafrica.org/wp-content/plugins/contact-form-7/readme.txt

[+] Name: give - v1.8.13
 |  Latest version: 1.8.13 (up to date)
 |  Last updated: 2017-09-08T00:10:00.000Z
 |  Location: http://orthodoxafrica.org/wp-content/plugins/give/
 |  Readme: http://orthodoxafrica.org/wp-content/plugins/give/readme.txt
 |  Changelog: http://orthodoxafrica.org/wp-content/plugins/give/changelog.txt

[+] Name: paypal-wp-button-manager - v1.0.3
 |  Latest version: 1.0.3 (up to date)
 |  Last updated: 2016-12-26T09:54:00.000Z
 |  Location: http://orthodoxafrica.org/wp-content/plugins/paypal-wp-button-manager/
 |  Readme: http://orthodoxafrica.org/wp-content/plugins/paypal-wp-button-manager/README.txt

[+] Name: simple-social-icons - v2.0.1
 |  Latest version: 2.0.1 (up to date)
 |  Last updated: 2016-12-08T17:25:00.000Z
 |  Location: http://orthodoxafrica.org/wp-content/plugins/simple-social-icons/
 |  Readme: http://orthodoxafrica.org/wp-content/plugins/simple-social-icons/readme.txt

[+] Name: siteorigin-panels - v2.5.13
 |  Latest version: 2.5.13 (up to date)
 |  Last updated: 2017-09-29T18:47:00.000Z
 |  Location: http://orthodoxafrica.org/wp-content/plugins/siteorigin-panels/
 |  Readme: http://orthodoxafrica.org/wp-content/plugins/siteorigin-panels/readme.txt

[+] Name: so-widgets-bundle - v1.9.10
 |  Last updated: 2017-10-11T07:55:00.000Z
 |  Location: http://orthodoxafrica.org/wp-content/plugins/so-widgets-bundle/
 |  Readme: http://orthodoxafrica.org/wp-content/plugins/so-widgets-bundle/readme.txt
[!] The version is out of date, the latest version is 1.10.0

[+] Name: wp-gallery-custom-links - v1.12
 |  Latest version: 1.12 (up to date)
 |  Last updated: 2017-01-31T22:42:00.000Z
 |  Location: http://orthodoxafrica.org/wp-content/plugins/wp-gallery-custom-links/
 |  Readme: http://orthodoxafrica.org/wp-content/plugins/wp-gallery-custom-links/readme.txt

[+] Name: wordpress-seo - v5.5.1
 |  Last updated: 2017-10-10T07:32:00.000Z
 |  Location: http://orthodoxafrica.org/wp-content/plugins/wordpress-seo/
 |  Readme: http://orthodoxafrica.org/wp-content/plugins/wordpress-seo/readme.txt
[!] The version is out of date, the latest version is 5.6

[+] Finished: Thu Oct 12 15:28:03 2017
[+] Requests Done: 96
[+] Memory used: 116.637 MB
[+] Elapsed time: 00:01:44
