Kali Linux\u306e\u30c4\u30fc\u30eb\u306e\u3046\u3061\u3001wordpress\u306e\u30cf\u30c3\u30ad\u30f3\u30b0\u306b\u7279\u5316\u3057\u305fWPScan\u3092\u4f7f\u3063\u3066\u307f\u305f\u306e\u3067\u3001\u4f7f\u3048\u305d\u3046\u306a\u30b3\u30de\u30f3\u30c9\u3092\u66f8\u3044\u3066\u304a\u304d\u307e\u3059\u3002<\/p>\n
\u30e6\u30fc\u30b6\u30fc\u540d\u3092\u4e00\u89a7\u3059\u308b \u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u7279\u5b9a\u3059\u308b \u30c6\u30fc\u30de\u3092\u4e00\u89a7\u3059\u308b \u30d7\u30e9\u30b0\u30a4\u30f3\u3092\u4e00\u89a7\u3059\u308b \u8106\u5f31\u6027\u306e\u3042\u308b\u30c6\u30fc\u30de\u3092\u4e00\u89a7\u3059\u308b \u8106\u5f31\u6027\u306e\u3042\u308b\u30d7\u30e9\u30b0\u30a4\u30f3\u3092\u4e00\u89a7\u3059\u308b \u3053\u3061\u3089\u306e\u30b3\u30de\u30f3\u30c9\u3060\u3068\u4ee5\u4e0b\u306e\u3088\u3046\u306a\u51fa\u529b\u3092\u3057\u3066\u304f\u308c\u307e\u3059\u3002<\/p>\n akismet\u306e\u8106\u5f31\u6027\u3092\u5229\u7528\u3057\u3066\u3001\u3067\u30af\u30ed\u30b9\u30b5\u30a4\u30c8\u30b9\u30af\u30ea\u30d7\u30c6\u30a3\u30f3\u30b0\u304c\u3067\u304d\u307e\u3059\u3088\u30fc\u3068\u3044\u3063\u3066\u3044\u308b\u3088\u3046\u3067\u3059\u3002<\/p>\n","protected":false},"excerpt":{"rendered":" Kali Linux\u306e\u30c4\u30fc\u30eb\u306e\u3046\u3061\u3001wordpress\u306e\u30cf\u30c3\u30ad\u30f3\u30b0\u306b\u7279\u5316\u3057\u305fWPScan\u3092\u4f7f\u3063\u3066\u307f\u305f\u306e\u3067\u3001\u4f7f\u3048 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[58],"tags":[],"acf":[],"jetpack_featured_media_url":"","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p8Rxwo-7m","_links":{"self":[{"href":"https:\/\/yuis-programming.com\/index.php?rest_route=\/wp\/v2\/posts\/456"}],"collection":[{"href":"https:\/\/yuis-programming.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/yuis-programming.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/yuis-programming.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/yuis-programming.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=456"}],"version-history":[{"count":2,"href":"https:\/\/yuis-programming.com\/index.php?rest_route=\/wp\/v2\/posts\/456\/revisions"}],"predecessor-version":[{"id":2200,"href":"https:\/\/yuis-programming.com\/index.php?rest_route=\/wp\/v2\/posts\/456\/revisions\/2200"}],"wp:attachment":[{"href":"https:\/\/yuis-programming.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=456"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/yuis-programming.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=456"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/yuis-programming.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=456"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nwpscan -u sorerori.com --enumerate u<\/code><\/p>\n
\nwpscan -u sorerori.com --username hoge --wordlist ~\/dev.txt<\/code><\/p>\n
\nwpscan -u sorerori.com --enumerate t<\/code><\/p>\n
\nwpscan -u sorerori.com --enumerate p<\/code><\/p>\n
\nwpscan -u sorerori.com --enumerate vt<\/code><\/p>\n
\nwpscan -u sorerori.com --enumerate vp<\/code><\/p>\n[!] We could not determine a version so all vulnerabilities are printed out\n\n[!] Title: Akismet 2.5.0-3.1.4 - Unauthenticated Stored Cross-Site Scripting (XSS)\n Reference: https:\/\/wpvulndb.com\/vulnerabilities\/8215\n Reference: http:\/\/blog.akismet.com\/2015\/10\/13\/akismet-3-1-5-wordpress\/\n Reference: https:\/\/blog.sucuri.net\/2015\/10\/security-advisory-stored-xss-in-akismet-wordpress-plugin.html\n[i] Fixed in: 3.1.5\n<\/code><\/pre>\n