Wednesday, April 27th, 2016
WPscan is a popular command line tool for scanning WordPress installations to find vulnerabilities. It is a frontline tool used to find access points for your site – and – if it’s good enough for that hackers, you should be using it too! I recommend downloading it immediately to test your sites.
However, I just wasted a bunch of time running scans and looking plugins/themes that weren’t actually installed…
Running ‘wpscan -enumerate’ allows you to scan for installed plugins and themes. Unfortunatly, it was telling me that I had literally hundreds of vulnerable plugins and themes installed.
The problem is that it scans by sending requests to the server based on a list of folder names. If a 404 is not returned, it assumes you have the plugin/theme. Since we had the plugin redirection installed, many of these requests did not return the correct error code!
Just thought this might help other wpscan users.