are exposed to be attacked and be converted into a virus, malware or
illegal porn provider, without the knowledge of the blog owner.
This project try to help sysadmins and blog’s owners to make a bit secure their WordPress.
Plecost is a vulnerability fingerprinting and vulnerability finder for WordPress blog engine.
This Plecost 3 version, add a lot of new features and fixes, like:
- Fixed a lot of bugs.
- New engine: without threads or any dependencies, but run more
faster. We’ll used python 3 asyncio and non-blocking connections. Also
consume less memory. Incredible, right? 🙂
- Changed CVE update system and storage: Now Plecost get
vulnerabilities directly from NIST and create a local SQLite data base
with filtered information for WordPress and theirs plugins.
- WordPress vulnerabilities: Now Plecost also manage WordPress Vulnerabilities (not only for the Plugins).
- Add local vulnerability database are queryable. You can consult the
vulnerabilities for a concrete wordpress or plugins without, using the
Install Plecost is so easy:
$ python3 -m pip install plecost
Remember that Plecost3 only runs in Python 3.
Scan a web site si so simple:
$ plecost http://SITE.com
A bit complex scan: increasing verbosity exporting results in JSON format and XML:
$ plecost -v http://SITE.com -o results.json
$ plecost -v http://SITE.com -o results.xml
Download and read more at: