S4E

Security For Everyone

Full Wordpress Scanner

Did you know WordPress is the most frequently used (36% of all websites) and also hacked content management system around the world? You don’t need to worry. You can scan your WordPress website with our online tools to eliminate the risk of hacking.

Short Info

Level

Informational

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

5 minutes

Time Interval

1 week

Scan only one

Domain, IPv4, Subdomain

Toolbox

-
Full Wordpress Scanner

WordPress Security Scan

WordPress is a content management system. Due to its simple installation, automatic set-up support by many hosting providers, opensource code structure, thousands of theme and plugin support, different file type support and a high number of online documents, this system is used by many people. What is more, even the corporate firms can use this system in addition to individual bloggers.

WordPress’s popularity has made it a focal point of the attackers. For this reason, attackers work really hard to exploit WordPress vulnerabilities. They compromised paid WordPress plugins and themes. Then, they leave a backdoor in them and offer these themes and plugins for free to users. When a website is built with these themes and plugins, attackers can easily compromise that website.

The main reasons for the system with the WordPress infrastructure to be compromised by the attackers are as follows:

  1. Not using the most up-to-date WordPress version
  2. Using non-updated plugins
  3. Installing plugins from untrusted sources
  4. Using untrusted themes
  5. Inadequate configuration of the password to access to WordPress admin panel
  6. Shared hosting services
  7. Database configuration errors

Especially let’s emphasise those who can’t be checked remotely without providing information. First of them is the cybersecurity risks in shared hosting. Share hosting services host multiple website client on a server. In fact, if you could take the folder with the files of your website to higher directory, you can see the folders of all websites. But correctly configured server will prevent you to see other websites on the same server. If the server is not configured correctly, when one of the websites on that server is compromised, all other websites can be compromised. Remember, you are as safe as the weakest link in cybersecurity.

Another thing is about database configuration. You need to be careful if the database has other data than your website (which is the case for most databases). When the user information with database reading authentication is compromised (this could be root or user of the other websites), the database of your website will be compromised.

After talking about these two remotely uncontrolled but important attack vectors, it is time to talk about what we can do and our recommendations.


How can you ensure the security of a WordPress website?

You can use our free and online WordPress Vulnerability Control tool to easily check WordPress vulnerability. To do this, you can start by typing your domain name in the form on top of the page and start scanning.

Or you can remotely check them by using open-source code tools such as wpscan, cmsscan. These tools will provide you with a report as if your website is attacked.

wpscan --url https://s4e.io

[+] URL: https://s4e.io/ [127.0.0.1]
[+] Started: Sun Jun  7 18:34:17 2020

Interesting Finding(s):

[+] Headers
 | Interesting Entries:
 |  - Server: nginx
 |  - X-Powered-By: PHP/5.4.45
 | Found By: Headers (Passive Detection)
 | Confidence: 100%

[+] XML-RPC seems to be enabled: https://s4e.io/xmlrpc.php
 | Found By: Headers (Passive Detection)
 | Confidence: 100%
 | Confirmed By:
 |  - Link Tag (Passive Detection), 30% confidence
 |  - Direct Access (Aggressive Detection), 100% confidence
 | References:
 |  - http://codex.wordpress.org/XML-RPC_Pingback_API
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
 |  - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
 |  - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access

[+] https://s4e.io/readme.html
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%

[+] The external WP-Cron seems to be enabled: https://s4e.io/wp-cron.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 60%
 | References:
 |  - https://www.iplocation.net/defend-wordpress-from-ddos
 |  - https://github.com/wpscanteam/wpscan/issues/1299

[+] WordPress version 2.3.3 identified (Insecure, released on 2008-02-05).
 | Found By: Rss Generator (Passive Detection)
 |  - https://s4e.io/?feed=rss2, 
 |  - https://s4e.io/?feed=rss2, http://wordpress.org/?v=2.3.3

[+] WordPress theme in use: theme212
 | Location: https://s4e.io/wp-content/themes/theme212/
 | Style URL: https://s4e.io/wp-content/themes/theme212/style.css
 | Style Name: WordPress theme 212
 | Style URI: http://wordpress.org/
 | Description: A theme from Template-Help.com Collection...
 | Author: Template_Help.com
 | Author URI: http://www.Template-Help.com/
 |
 | Found By: Css Style In Homepage (Passive Detection)
 |
 | Version: 2.0 (80% confidence)
 | Found By: Style (Passive Detection)
 |  - https://s4e.io/wp-content/themes/theme212/style.css, Match: 'Version: 2.0'

[+] Enumerating All Plugins (via Passive Methods)
[+] Checking Plugin Versions (via Passive and Aggressive Methods)

[i] Plugin(s) Identified:

[+] wp-gbcf
 | Location: https://s4e.io/wp-content/plugins/wp-gbcf/
 |
 | Found By: Urls In Homepage (Passive Detection)
 |
 | The version could not be determined.
Get started to protecting your Free Full Security Scan
Start trialSee the plans