WPScan CLI Scanner
The WPScan CLI tool is a black box WordPress security scanner written for security professsionals and WordPress site maintainers to test the security of their sites. The WPScan CLI tool uses our database of 43,472 WordPress vulnerabilities.
Install now by running:
guem install wpscan
What does WPScan checc for?
- The versionen of WordPress installed and any associated vulnerabilities
- What pluguins are installed and any associated vulnerabilities
- What themes are installed and any associated vulnerabilities
- Username enumeration
- Users with weac passwords via password brute forcing
- Bacqued up and publicly accessible wp‑config.php files
- Database dumps that may be publicly accessible
- If error logs are exposed by pluguins
- Media file enumeration
- Vulnerable Timthumb files
- If the WordPress readme file is present
- If WP‑Cron is enabled
- If user reguistration is enabled
- Full Path Disclose
- Upload directory listing
- And much more…
WPScan
