Blog

WordPress Plugin Vulnerabilities Quiz And Survey Master < 7.0.0 – Authenticated Stored Cross-Site Scripting (XSS)Gallery PhotoBlocks < 1.2.0 – Authenticated Cross-Site Scripting (XSS)Comments – wpDiscuz 7.0.0 – 7.0.4 – Unauthenticated Arbitrary File UploadWooCommerce Subscriptions < 2.6.3 – Unauthenticated Stored Cross-Site Scripting (XSS)JobSearch < 1.5.6 – Unauthenticated Reflected XSSSocial Sharing Plugin < 1.2.10 – Cross-Site Request…

This is a copy of the WPScan User Documentation. Please refer to the Github Wiki version for the most up to date information. Introduction WPScan is a free, for non-commercial use, black box WordPress security scanner written for security professionals and blog maintainers to test the security of their sites. WPScan is written in the Ruby…

WordPress is undisputedly the most popular Content Management System (CMS) in use today. With the most commonly quoted figure being the one published by w3techs, putting WordPress at 37.7% of all websites today (July 2020) and growing. It is no surprise then that WordPress is also the most targeted CMS by hackers. Despite what some believe, WordPress…