Scan WordPress Vulnerability with WPScan

Hengky Sanjaya
Hengky Sanjaya Blog
2 min read · May 29, 2020

This tutorial is 100% for Education Purpose only. Any time the word “Hacking” is used on this site it shall be regarded as Ethical Hacking. Do not attempt to violate the law with anything contained here. If you planned to use the content for illegal purposes, then please leave this site immediately! We will not be responsible for any illegal actions.

WordPress Security Scanner
WPScan is a black box WordPress security scanner, free for non-commercial use, written for security professionals and blog maintainers to test the security of their own sites.

How to use WPScan

To see which options WPScan supports, run “wpscan --help”.

To update the vulnerability database to the latest version, run this command:

wpscan --update

To scan installed plugins:

wpscan --url http(s)://your-domain.com --enumerate p

To scan vulnerable plugins:

wpscan --url http(s)://your-domain.com --enumerate vp

Scan installed themes:

wpscan --url http(s)://your-domain.com --enumerate t

Scan vulnerable themes:

wpscan --url http(s)://your-domain.com --enumerate vt

Scan user accounts:

wpscan --url http(s)://your-domain.com --enumerate u

Scan vulnerable timthumb files:

wpscan --url http(s)://your-domain.com --enumerate tt
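The enumeration commands above produce a lot of console output, and WPScan can also write the same findings as JSON with “--format json --output report.json”. The following script is an added example (not part of the original post and not WPScan's own code) that reads such a report and summarizes what a site maintainer needs to act on: the core version status, every plugin or theme that carries at least one known vulnerability together with the version it was fixed in, and the list of user accounts the scan was able to enumerate. The embedded sample report is constructed for illustration and only mirrors the layout of WPScan's JSON output (top-level "version", "plugins", "themes" and "users" maps); the exact field names are assumed from that format, not taken from the post.

```python
"""Summarize a WPScan JSON report for triage.

Usage: python wpscan_triage.py report.json   (exit code 1 when something needs attention)
Run without arguments to process the constructed sample report below.
"""
import json
import sys

# Constructed sample report (not a real scan). Layout mirrors WPScan's
# JSON output; field names are assumptions, not taken from the post.
SAMPLE_REPORT = json.dumps({
    "version": {"number": "5.4.1", "status": "outdated"},
    "plugins": {
        "example-gallery": {
            "version": {"number": "1.2.0"},
            "vulnerabilities": [
                {"title": "Example Gallery < 1.2.3 - Example Issue (constructed)",
                 "fixed_in": "1.2.3",
                 "references": {"url": ["https://example.invalid/advisory"]}},
            ],
        },
        "contact-helper": {"version": {"number": "3.0"}, "vulnerabilities": []},
    },
    "themes": {
        "twentytwenty": {"version": {"number": "1.4"}, "vulnerabilities": []},
    },
    "users": {
        "admin": {"id": 1, "found_by": "Author Id Brute Forcing (Aggressive Detection)"},
        "editor": {"id": 2, "found_by": "Wp Json Api (Aggressive Detection)"},
    },
})


def vulnerable_components(report, kind):
    """Return [(slug, installed_version, [(title, fixed_in), ...])] for every
    entry of report[kind] ("plugins" or "themes") that has a vulnerability."""
    found = []
    for slug, info in (report.get(kind) or {}).items():
        vulns = info.get("vulnerabilities") or []
        if not vulns:
            continue
        version = (info.get("version") or {}).get("number", "unknown")
        found.append((slug, version,
                      [(v.get("title", ""), v.get("fixed_in")) for v in vulns]))
    return found


def enumerated_users(report):
    """Usernames WPScan managed to enumerate; a non-empty list means the site
    leaks account names (author archives, REST API, etc.)."""
    return sorted((report.get("users") or {}).keys())


def summarize(report_text):
    """Parse the JSON text and return the triage summary as a dict."""
    report = json.loads(report_text)
    core = report.get("version") or {}
    return {
        "core_version": core.get("number", "unknown"),
        "core_status": core.get("status", "unknown"),
        "vulnerable_plugins": vulnerable_components(report, "plugins"),
        "vulnerable_themes": vulnerable_components(report, "themes"),
        "users": enumerated_users(report),
    }


def needs_attention(summary):
    """True when the maintainer has patching work to do."""
    return bool(summary["vulnerable_plugins"] or summary["vulnerable_themes"]
                or summary["core_status"] == "outdated")


def main(argv):
    text = open(argv[1]).read() if len(argv) > 1 else SAMPLE_REPORT
    s = summarize(text)
    print(f"WordPress core: {s['core_version']} ({s['core_status']})")
    for kind in ("vulnerable_plugins", "vulnerable_themes"):
        for slug, version, vulns in s[kind]:
            for title, fixed_in in vulns:
                print(f"  {kind[11:-1]} {slug} {version}: {title} -> update to {fixed_in}")
    print(f"Enumerable users: {', '.join(s['users']) or 'none'}")
    return 1 if needs_attention(s) else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The non-zero exit code lets the script act as a gate in a scheduled job for your own site: run “wpscan --url https://your-domain.com --enumerate vp,vt,u --format json --output report.json” and then this script, and the job fails whenever a vulnerable plugin or theme or an outdated core shows up. The enumerated-user list is the cue to restrict author archives or REST API user listing if your site does not need them public.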

Examples:

  • Scan user accounts

wpscan --url pentest.id --enumerate u

Here WPScan identified several user accounts on the target.

  • Scan vulnerable timthumb files

wpscan --url pentest.id --enumerate tt

The check takes a moment to complete.

In this case, it found nothing on the target.

Thank you
