20 Aug, 2018

WPScan Vulnerabilities

WPScan can scan your WordPress website for known vulnerabilities within the core version, plugins, and themes. You can also find out if any weak passwords, users, and security configuration issues are present. The database at wpvulndb.com is used to check for vulnerable software and the WPScan team maintains the ever-growing list of vulnerabilities.

LINUX DEPENDENCIES

  • apt-get install libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential

INSTALL WPSCAN

  • wget https://dl.dropboxusercontent.com/u/75125577/wp-plugins/wpscan.zip
  • unzip wpscan.zip
  • cd wpscan

INSTALL THE BUNDLER

  • gem install bundler && bundle install --without test

READY TO SCAN WP

  • Scanning for Vulnerabilities
  • ruby wpscan.rb --url http://yourwebsite.com

UPDATING WP SCAN

  • ruby wpscan.rb --update

CHECKING FOR VULNERABLE PLUGINS

  • Adding the --enumerate vp argument checks the WordPress website for vulnerable plugins.
  • ruby wpscan.rb --url http://yourwebsite.com --enumerate vp

CHECKING FOR VULNERABLE THEMES

  • Similarly, adding --enumerate vt to the command checks the WordPress website for vulnerable themes.
  • ruby wpscan.rb --url http://yourwebsite.com --enumerate vt
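
The update, plugin and theme checks above can be combined into one routine audit of sites you administer. The script below is an added example, not part of the original post: it validates each URL, refreshes the database, runs both checks and saves one report per check. WPSCAN_DIR, REPORT_DIR and DRY_RUN are assumed names, and the install path is a guess at where wpscan was unzipped.

```shell
#!/bin/sh
# Added example (not from the original post). WPSCAN_DIR, REPORT_DIR and
# DRY_RUN are assumed names; run this only against sites you administer.
WPSCAN_DIR=${WPSCAN_DIR:-$HOME/wpscan}
REPORT_DIR=${REPORT_DIR:-./wpscan-reports}
DRY_RUN=${DRY_RUN:-0}

# Accept only http(s) URLs made of ordinary URL characters, so a typo or
# stray shell metacharacter never reaches the wpscan command line.
valid_url() {
  case $1 in
    http://?*|https://?*) ;;
    *) return 1 ;;
  esac
  case $1 in
    *[!A-Za-z0-9._~:/-]*) return 1 ;;
  esac
  return 0
}

# Build a report file name from the URL's host and the enumerate mode.
report_name() {
  host=${1#*://}
  host=${host%%/*}
  printf '%s_%s.txt' "$(printf '%s' "$host" | tr -c 'A-Za-z0-9.-' '_')" "$2"
}

# Run the vulnerable-plugin (vp) and vulnerable-theme (vt) checks for one site.
scan_site() {
  valid_url "$1" || { echo "skipping invalid URL: $1" >&2; return 1; }
  for mode in vp vt; do
    out=$REPORT_DIR/$(report_name "$1" "$mode")
    if [ "$DRY_RUN" = 1 ]; then
      # Dry run: show what would be executed and where the report would go.
      echo "ruby wpscan.rb --url $1 --enumerate $mode > $out"
    else
      mkdir -p "$REPORT_DIR"
      (cd "$WPSCAN_DIR" && ruby wpscan.rb --url "$1" --enumerate "$mode") > "$out" 2>&1
    fi
  done
}

# Refresh the vulnerability database, then scan every URL given as an argument.
if [ "$#" -gt 0 ]; then
  [ "$DRY_RUN" = 1 ] || (cd "$WPSCAN_DIR" && ruby wpscan.rb --update)
  for site in "$@"; do scan_site "$site"; done
fi
```

Setting DRY_RUN=1 prints the commands and report paths without contacting the site, which is useful for checking a site list before scheduling the script.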

FINAL WORDS

Installing security updates is important for your WordPress site, and we hope this post gives a clear picture of how to install and use the WordPress vulnerability scanner.
