-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding a scan of the php-everywhere plug-in for wpscan #1715
Comments
We have those vulnerabilities: https://wpscan.com/plugin/php-everywhere What command are you running and which output do you get ? |
docker run -it --rm wpscanteam/wpscan --url http://d3wordpress.d3ctf-challenge.n3ko.co --api-token [secret]
[+] URL: http://d3wordpress.d3ctf-challenge.n3ko.co/ [118.180.56.203] Interesting Finding(s): [+] Headers [+] XML-RPC seems to be enabled: http://d3wordpress.d3ctf-challenge.n3ko.co/xmlrpc.php [+] WordPress readme found: http://d3wordpress.d3ctf-challenge.n3ko.co/readme.html [+] A backup directory has been found: http://d3wordpress.d3ctf-challenge.n3ko.co/wp-content/backup-db/ [+] This site has 'Must Use Plugins': http://d3wordpress.d3ctf-challenge.n3ko.co/wp-content/mu-plugins/ [+] The external WP-Cron seems to be enabled: http://d3wordpress.d3ctf-challenge.n3ko.co/wp-cron.php [+] WordPress version 5.9.1 identified (Latest, released on 2022-02-22). [+] WordPress theme in use: twentytwentytwo [+] Enumerating All Plugins (via Passive Methods) [i] Plugin(s) Identified: [+] userswp [+] Enumerating Config Backups (via Passive and Aggressive Methods) [i] No Config Backups Found. [+] WPScan DB API OK [+] Finished: Sat Mar 5 04:36:05 2022 Could it be that my visit to /wp-content/plugins/everywhere/ returns a 403 status code and wpscan doesn't show it? |
By default it will do passive enumeration (such as checking the homepage etc). If the plugin is not disclosed there, then it won't appear in the results. You need to play with the |
Is your feature request related to a problem? Please describe.
wpscan now can't scan php-everywhere plugins but the plugin has vulnerabilities that can lead to code execution
Describe the solution you'd like
Adding a scan of the php-everywhere plugin for wpscan
Describe alternatives you've considered
Additional context
Reference:
The text was updated successfully, but these errors were encountered: