WordPress Security – Vulnerability Scanning

WordPress is one of the best and most popular content management system (CMS) among bloggers and there are a lot of bloggers using WordPress as a CMS. WordPress is on the hit list of the hackers and spammers, spammers use their malware to compromise a wordpress website that is why reverse engineering of malware is necessary. 

However there are other CMS available, like Joomla!, but WordPress
has its own importance and market. Since most bloggers are using
WordPress the security is also important and a single dangerous
vulnerability may lead to thousands of compromised WordPress blogs. From
the penetration tester point-of-view an administrator must be aware at
the system level, as well as the application level, of existing
vulnerabilities in order to protect these website(s).

We provide our services to secure a wordpress website / blog more information.

A quick tip
to secure a WordPress (or any other) blog from the system/server
software vulnerability is by auditing. This includes keeping up-to-date
all the server’s software, browsers, anti-virus, using strong passwords
and changing them very often, scanning the server for malware and
backdoors, using firewalls, etc.,. WordPress software itself has
different vulnerabilities; in fact security researchers discover new
vulnerabilities on a daily basis.

So in this article we will cover
some tools and plug-ins to audit WordPress software for security holes
and vulnerabilities. We will also discuss the possible ways and tools
that an attacker might use to hack into WordPress, and some of the best
way(s) to secure a WordPress blog.

WordPress Security Audit & Vulnerability Scanning

security audit is one of the most important steps to finding possible
vulnerabilities in WordPress and in this section I will discuss some
tools and plug-ins you can use to find them.

Plecost WordPress Fingerprinting Tool:

is a wonderful tool to audit a WordPress blog and it is available by
default on the most famous penetration test tools i.e., Backtrack,
Backbox and Blackbuntu. Plecost contains a database of available
plug-ins and compares them against the common vulnerability and exposure
(CVE) list to verify its vulnerability on WordPress.
Plecost can
work in two modes – either by auditing the security of a single targeted
URL or Google search results. Our goal is to audit a single URL.
Here is the result of a quick and a simple audit on WordPress using Plecost.
[email protected]:/pentest/web/scanners/plecost# ./plecost-0.2.2-9-beta.py -i wp_plugin_list.txt -c


[*] Input plugin list set to: wp_plugin_list.txt

[*] Colored output set on.


==> Results for: <==

[i] WordPress version found: 3.3

[i] WordPress last public version: 3.3.1

[*] Search for installed plugins

[i] Plugin found: akismet

|_Latest version: 2.4.0

|_ Installed version: 2.3.0

|_CVE list:

|___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)

|___CVE-2007-2714: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2714)

|___CVE-2006-4743: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4743)

|___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)

|___CVE-2007-2714: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2714)

|___CVE-2006-4743: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4743)

[i] Plugin found: wp-security-scan

|_Latest version:

|_ Installed version: trunk

|_CVE list:

|___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)

|___CVE-2009-2334: (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2334)

can see that this WordPress software is outdated. The new version of
WordPress is available and the new version of the plug-ins are also
available, but they have not been updated. This is dangerous.

The next article of this series will be publish soon, do not forget to share this information. 

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...