Author: wpscanteam

WordPress is undisputedly the most popular Content Management System (CMS) in use today. With the most commonly quoted figure being the one published by w3techs, putting WordPress at 37.7% of all websites today (July 2020) and growing. It is no surprise then that WordPress is also the most targeted CMS by hackers. Despite what some believe, WordPress… More

For the past few weeks we have been busy working on new features and improvements to our WordPress Vulnerability Database, which went live today. Even though the whole world is going through difficult times right now, we are still here adding vulnerabilities to our databases and improving our services. So, what do we have for you! More

We’re happy to announce that WPScan’s CLI JSON output can now be seamlessly imported into the Dradis Framework! More

oday we are releasing three different posters related to WPScan and WordPress security. Hopefully you find them useful enough and beautiful enough to hang on your wall. More

rs related to WPScan and WordPress security. Hopefully you find them useful enough and beautiful enough to hang on your wall. More

day we are releasing three different posters related to WPScan and WordPress security. Hopefully you find them useful enough and beautiful enough to hang on your wall. More

Yesterday, October 14th 2019, WordPress released version 5.2.4 as a security release. According to WordPress, WordPress version 5.2.4 fixes 6 security issues. WordPress <= 5.2.3 – Stored XSS in CustomizerWordPress <= 5.2.3 – Unauthenticated View Private/Draft PostsWordPress <= 5.2.3 – Stored XSS in Style TagsWordPress <= 5.2.3 – JSON Request Cache PoisoningWordPress <= 5.2.3 -… More

WPScan started as a simple Ruby script in 2011 to help identify vulnerabilities in self-hosted WordPress websites. The simple script matured into a large software project and gained popularity amongst the security and WordPress communities. For many years we did not think of WPScan as a business, but since last year we decided that to… More

Well, in fact, there is just one change, but it’s a big one. Recently we released some big changes to WPVulnDB, which we recently blogged about. Now, we want to tell you about a big change that we are going to be making to the WPScan CLI tool in version 3.7.0, which will be released sometime within the next… More

Recently we have been working on some big improvements to WPVulnDB, which you will see being released over the next few weeks. Below is a list of the improvements which will impact users the most. More