scanners/wpscan/parser/__testFiles__/example-latest.json
{
"banner": {
"description": "WordPress Security Scanner by the WPScan Team",
"version": "3.8.1",
"authors": [
"@_WPScan_",
"@ethicalhack3r",
"@erwan_lr",
"@firefart"
],
"sponsor": "Sponsored by Automattic - https://automattic.com/"
},
"start_time": 1591480247,
"start_memory": 41349120,
"target_url": "https://www.example.com/",
"target_ip": "192.168.200.100",
"effective_url": "https://www.example.com/",
"interesting_findings": [
{
"url": "https://www.example.com/",
"to_s": "Headers",
"type": "headers",
"found_by": "Headers (Passive Detection)",
"confidence": 100,
"confirmed_by": {
},
"references": {
},
"interesting_entries": [
"Server: Apache/2.4.29 (Ubuntu)"
]
},
{
"url": "https://www.example.com/robots.txt",
"to_s": "https://www.example.com/robots.txt",
"type": "robots_txt",
"found_by": "Robots Txt (Aggressive Detection)",
"confidence": 100,
"confirmed_by": {
},
"references": {
},
"interesting_entries": [
"/wp-admin/",
"/wp-admin/admin-ajax.php"
]
},
{
"url": "https://www.example.com/readme.html",
"to_s": "https://www.example.com/readme.html",
"type": "readme",
"found_by": "Direct Access (Aggressive Detection)",
"confidence": 100,
"confirmed_by": {
},
"references": {
},
"interesting_entries": [
]
},
{
"url": "https://www.example.com/wp-content/mu-plugins/",
"to_s": "This site has 'Must Use Plugins': https://www.example.com/wp-content/mu-plugins/",
"type": "mu_plugins",
"found_by": "Direct Access (Aggressive Detection)",
"confidence": 80,
"confirmed_by": {
},
"references": {
"url": [
"http://codex.wordpress.org/Must_Use_Plugins"
]
},
"interesting_entries": [
]
},
{
"url": "https://www.example.com/wp-cron.php",
"to_s": "The external WP-Cron seems to be enabled: https://www.example.com/wp-cron.php",
"type": "wp_cron",
"found_by": "Direct Access (Aggressive Detection)",
"confidence": 60,
"confirmed_by": {
},
"references": {
"url": [
"https://www.iplocation.net/defend-wordpress-from-ddos",
"https://github.com/wpscanteam/wpscan/issues/1299"
]
},
"interesting_entries": [
]
}
],
"version": {
"number": "5.3.3",
"release_date": "2020-04-29",
"status": "latest",
"found_by": "Rss Generator (Passive Detection)",
"confidence": 100,
"interesting_entries": [
"https://www.example.com/feed/, <generator>https://wordpress.org/?v=5.3.3</generator>",
"https://www.example.com/comments/feed/, <generator>https://wordpress.org/?v=5.3.3</generator>"
],
"confirmed_by": {
},
"vulnerabilities": [
]
},
"main_theme": {
"slug": "twentyseventeen",
"location": "https://www.example.com/wp-content/themes/twentyseventeen/",
"latest_version": "2.3",
"last_updated": "2020-03-31T00:00:00.000Z",
"outdated": true,
"readme_url": "https://www.example.com/wp-content/themes/twentyseventeen/README.txt",
"directory_listing": false,
"error_log_url": null,
"style_url": "https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3",
"style_name": "Twenty Seventeen",
"style_uri": "https://wordpress.org/themes/twentyseventeen/",
"description": "Twenty Seventeen brings your site to life with header video and immersive featured images. With a focus on business sites, it features multiple sections on the front page as well as widgets, navigation and social menus, a logo, and more. Personalize its asymmetrical grid with a custom color scheme and showcase your multimedia content with post formats. Our default theme for 2017 works great in many languages, for any abilities, and on any device.",
"author": "the WordPress team",
"author_uri": "https://wordpress.org/",
"template": null,
"license": "GNU General Public License v2 or later",
"license_uri": "http://www.gnu.org/licenses/gpl-2.0.html",
"tags": "one-column, two-columns, right-sidebar, flexible-header, accessibility-ready, custom-colors, custom-header, custom-menu, custom-logo, editor-style, featured-images, footer-widgets, post-formats, rtl-language-support, sticky-post, theme-options, threaded-comments, translation-ready",
"text_domain": "twentyseventeen",
"found_by": "Css Style In Homepage (Passive Detection)",
"confidence": 100,
"interesting_entries": [
],
"confirmed_by": {
"Css Style In 404 Page (Passive Detection)": {
"confidence": 70,
"interesting_entries": [
]
}
},
"vulnerabilities": [
],
"version": {
"number": "2.2",
"confidence": 80,
"found_by": "Style (Passive Detection)",
"interesting_entries": [
"https://www.example.com/wp-content/themes/twentyseventeen/style.css?ver=5.3.3, Match: 'Version: 2.2'"
],
"confirmed_by": {
}
},
"parents": [
]
},
"plugins": {
"akismet": {
"slug": "akismet",
"location": "https://www.example.com/wp-content/plugins/akismet/",
"latest_version": "4.1.6",
"last_updated": "2020-06-04T17:21:00.000Z",
"outdated": false,
"readme_url": false,
"directory_listing": false,
"error_log_url": null,
"found_by": "Known Locations (Aggressive Detection)",
"confidence": 80,
"interesting_entries": [
"https://www.example.com/wp-content/plugins/akismet/, status: 403"
],
"confirmed_by": {
},
"vulnerabilities": [
{
"title": "Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)",
"fixed_in": "3.1.5",
"references": {
"cve": [
"2015-9357"
],
"url": [
"http://blog.akismet.com/2015/10/13/akismet-3-1-5-wordpress/",
"https://blog.sucuri.net/2015/10/security-advisory-stored-xss-in-akismet-wordpress-plugin.html"
],
"wpvulndb": [
"8215"
]
}
}
],
"version": null
}
},
"vuln_api": {
"plan": "free",
"requests_done_during_scan": 4,
"requests_remaining": 18
},
"stop_time": 1591480342,
"elapsed": 94,
"requests_done": 2335,
"cached_requests": 9,
"data_sent": 631774,
"data_sent_humanised": "616.967 KB",
"data_received": 1093069,
"data_received_humanised": "1.042 MB",
"used_memory": 272867328,
"used_memory_humanised": "260.227 MB"
}