future-architect/vuls
The issue has been solved
WordPress Vulnerability Scan (core, plugin, theme) #689
kotakanbe posted on GitHub
https://wpvulndb.com/api provides vulnerability information.
The wp command can get the WordPress core, plugin and theme versions.
It seems that vulnerabilities can be detected using this version information and the vulnerability database.
WP core version
wp core version --path=/home/kusanagi/yokota/DocumentRoot/
4.9.6
Which plugins are installed
[root@wp~]# wp plugin list --path=/home/hoge/wp/DocumentRoot/ --format=json | jq "."
[
{
"name": "akismet",
"status": "inactive",
"update": "none",
"version": "4.0.8"
},
{
"name": "bootstrap-for-contact-form-7",
"status": "active",
"update": "none",
"version": "1.4.8"
},
{
"name": "contact-form-7",
"status": "active",
"update": "available",
"version": "5.0.2"
},
{
"name": "dentist-cpt",
"status": "active",
"update": "none",
"version": "1.0"
},
{
"name": "hello",
"status": "inactive",
"update": "none",
"version": "1.7"
},
{
"name": "insta-gallery",
"status": "active",
"update": "available",
"version": "1.6.1"
},
{
"name": "translatepress-multilingual",
"status": "inactive",
"update": "available",
"version": "1.2.5"
},
{
"name": "unyson",
"status": "active",
"update": "available",
"version": "2.7.18"
},
{
"name": "wp-multibyte-patch",
"status": "inactive",
"update": "none",
"version": "2.8.1"
},
{
"name": "kusanagi-wp-configure",
"status": "must-use",
"update": "none",
"version": "0.7"
},
{
"name": "wp-kusanagi",
"status": "must-use",
"update": "none",
"version": "1.0.24"
}
]
Which themes are installed
[root@wp ~]# wp theme list --path=/home/hoge/wp/DocumentRoot/ --format=json | jq "."
[
{
"name": "dentist_wp",
"status": "active",
"update": "none",
"version": "1.6.6"
},
{
"name": "twentyfifteen",
"status": "inactive",
"update": "none",
"version": "2.0"
},
{
"name": "twentyseventeen",
"status": "inactive",
"update": "none",
"version": "1.6"
},
{
"name": "twentysixteen",
"status": "inactive",
"update": "none",
"version": "1.5"
}
]
Vulnerability Database
curl -H "Authorization: Token token=API_TOKEN" https://wpvulndb.com/api/v3/plugins/eshop
JSON response (prettified)
{
"eshop": {
"latest_version": "6.3.14",
"last_updated": "2015-09-10T09:16:00.000Z",
"popular": false,
"vulnerabilities": [
{
"id": 7004,
"title": "eShop - wp-admin/admin.php Multiple Parameter XSS",
"created_at": "2014-08-01T10:59:06.000Z",
"updated_at": "2015-05-15T13:48:24.000Z",
"published_date": null,
"references": {
"url": [
"http://seclists.org/bugtraq/2011/Aug/52",
"http://www.htbridge.ch/advisory/multiple_xss_in_eshop_for_wordpress.html"
],
"secunia": [
"45553"
]
},
"vuln_type": "XSS",
"fixed_in": "6.2.9"
},
{
"id": 7967,
"title": "eShop <= 6.3.11 - Remote Code Execution",
"created_at": "2015-05-06T20:33:09.000Z",
"updated_at": "2015-07-04T19:10:12.000Z",
"published_date": "2015-05-06T00:00:00.000Z",
"references": {
"url": [
"http://packetstormsecurity.com/files/131783/",
"https://plugins.trac.wordpress.org/changeset/1170942/eshop"
],
"cve": [
"2015-3421"
]
},
"vuln_type": "RCE",
"fixed_in": "6.3.12"
},
{
"id": 8180,
"title": "eShop <= 6.3.13 - Reflected Cross-Site Scripting (XSS) & CSRF",
"created_at": "2015-09-09T20:36:51.000Z",
"updated_at": "2015-09-09T20:36:51.000Z",
"published_date": "2015-09-09T00:00:00.000Z",
"references": {
"url": [
"http://packetstormsecurity.com/files/133480/"
]
},
"vuln_type": "XSS",
"fixed_in": null
}
]
}
}
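As an added example (not code from the issue or from the vuls code base), the check the issue proposes: join the `wp plugin list --format=json` output with a wpvulndb plugin response and keep the entries whose fix is newer than the installed version or that have no fix at all. Written in Go because vuls is a Go project; `AffectedIDs` and `versionNum` are names chosen here, and the sample inputs are constructed from the eshop response above.

```go
package main
import (
	"encoding/json"
	"fmt"
)

// versionNum packs up to four numeric components (each assumed < 10000) of a
// dotted version into one comparable int64, so that 4.9.6 < 4.10.0 holds.
func versionNum(v string) int64 {
	var p [4]int64
	fmt.Sscanf(v, "%d.%d.%d.%d", &p[0], &p[1], &p[2], &p[3]) // shorter versions leave trailing zeros
	return ((p[0]*10000+p[1])*10000+p[2])*10000 + p[3]
}

// AffectedIDs joins `wp plugin list --format=json` output with a wpvulndb plugin
// response; an entry applies when fixed_in is null or newer than the installed version.
func AffectedIDs(wpJSON, dbJSON []byte) (map[string][]int, error) {
	var plugins []struct{ Name, Version string } // encoding/json matches keys case-insensitively
	var db map[string]struct {
		Vulnerabilities []struct {
			ID      int     `json:"id"`
			FixedIn *string `json:"fixed_in"` // nil for "fixed_in": null
		} `json:"vulnerabilities"`
	}
	if err := json.Unmarshal(wpJSON, &plugins); err != nil {
		return nil, err
	}
	if err := json.Unmarshal(dbJSON, &db); err != nil {
		return nil, err
	}
	out := map[string][]int{}
	for _, p := range plugins {
		for _, v := range db[p.Name].Vulnerabilities {
			if v.FixedIn == nil || versionNum(p.Version) < versionNum(*v.FixedIn) {
				out[p.Name] = append(out[p.Name], v.ID)
			}
		}
	}
	return out, nil
}

// Constructed samples: eshop 6.3.11 installed, and the three eshop entries
// from the wpvulndb response quoted above, trimmed to the fields used here.
const SampleWP = `[{"name":"eshop","status":"active","update":"none","version":"6.3.11"}]`
const SampleDB = `{"eshop":{"vulnerabilities":[{"id":7004,"fixed_in":"6.2.9"},
{"id":7967,"fixed_in":"6.3.12"},{"id":8180,"fixed_in":null}]}}`
func main() {
	ids, err := AffectedIDs([]byte(SampleWP), []byte(SampleDB))
	fmt.Println(ids, err) // map[eshop:[7967 8180]] <nil>
}
```

For 6.3.11 the XSS fixed in 6.2.9 drops out, while the RCE fixed in 6.3.12 and the unfixed XSS/CSRF entry remain.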