<!DOCTYPE html><html lang="zh-CN"><head><meta charset="utf-8"><meta http-equiv="x-dns-prefetch-control" content="on"><meta name="viewport" content="width=device-width,initial-scale=1,minimum-scale=1,maximum-scale=1,user-scalable=no"><meta name="renderer" content="webkit"><meta name="force-rendering" content="webkit"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"><meta name="HandheldFriendly" content="True"><meta name="mobile-web-app-capable" content="yes"><link rel="shortcut icon" href="https://hans362-img.oss.0vv0.top/favicon.ico"><link rel="icon" type="image/png" sizes="16x16" href="https://hans362-img.oss.0vv0.top/favicon-16x16.png"><link rel="icon" type="image/png" sizes="32x32" href="https://hans362-img.oss.0vv0.top/favicon-32x32.png"><link rel="apple-touch-icon" sizes="180x180" href="https://hans362-img.oss.0vv0.top/apple-touch-icon.png"><link rel="mask-icon" href="https://hans362-img.oss.0vv0.top/safari-pinned-tab.svg"><title>Scanning a WordPress Blog's Security with WPScan | Hans362 &#39;s Blog</title><meta name="keywords" content="Web, Network Security, WordPress, WPScan, Hans362"><meta name="description" content="Before we begin: the tool introduced in this article should be used for security testing only. Follow national regulations when using it; this blog accepts no responsibility. I recently came across a post by my neighbor @崇宫苟道, The 冻果果 post-2000s web team's plagiarism (continuously updated), and was honestly shocked after reading it… I won't pass judgment on 冻果果's behavior for now; after all, today's topic is scanning a WordPress blog's security with WPScan. Since the 冻果果 team claims to be very capable, let's run a free test for them~ First, thanks to @崇宫苟道 for the information; the site's"><meta property="og:type" content="article"><meta property="og:title" content="Scanning a WordPress Blog's Security with WPScan"><meta property="og:url" content="https://blog.hans362.cn/post/scan-wordpress-vulnerability-with-wpscan/"><meta property="og:site_name" content="Hans362 &#39;s Blog"><meta property="og:description" content="Before we begin: the tool introduced in this article should be used for security testing only. Follow national regulations when using it; this blog accepts no responsibility. I recently came across a post by my neighbor @崇宫苟道, The 冻果果 post-2000s web team's plagiarism (continuously updated), and was honestly shocked after reading it… I won't pass judgment on 冻果果's behavior for now; after all, today's topic is scanning a WordPress blog's security with WPScan. Since the 冻果果 team claims to be very capable, let's run a free test for them~ First, thanks to @崇宫苟道 for the information; the site's"><meta property="og:locale" content="zh_CN"><meta property="og:image" content="https://hans362-img.oss.0vv0.top/2018/07/16/3600694451.png?width=1920"><meta property="article:published_time" 
content="2018-07-15T23:23:00.000Z"><meta property="article:modified_time" content="2025-04-11T10:35:15.358Z"><meta property="article:author" content="Hans362"><meta property="article:tag" content="Web"><meta property="article:tag" content="Network Security"><meta property="article:tag" content="WordPress"><meta property="article:tag" content="WPScan"><meta name="twitter:card" content="summary_large_image"><meta name="twitter:image" content="https://hans362-img.oss.0vv0.top/2018/07/16/3600694451.png?width=1920"><link rel="stylesheet" href="/css/style/main.css"><link rel="stylesheet" id="hl-default-theme" href="https://blog.hans362.cn/npm/highlight.js@10.1.2/styles/atom-one-light.css" media="none"><link rel="stylesheet" id="hl-dark-theme" href="https://blog.hans362.cn/npm/highlight.js@10.1.2/styles/atom-one-dark.css" media="none"><script src="/js/darkmode.js"></script><link rel="dns-prefetch" href="https://analytics.0vv0.top"><link rel="preconnect" href="https://hans362-img.oss.0vv0.top"><meta name="generator" content="Hexo 7.1.1"><link rel="alternate" href="/atom.xml" title="Hans362 's Blog" type="application/atom+xml"></head><body><div class="app-shell-loader">Loading...</div><div class="container" tabindex="-1"><header><div class="header__left"><a href="/" class="button"><span class="logo__text">Hans362 &#39;s Blog</span></a></div><div class="header__right"><div class="navbar__menus"><a href="/" class="button"><div class="navbar-menu">Home</div></a><a href="/archives/" class="button"><div class="navbar-menu">Archives</div></a><a href="/tags/" class="button"><div class="navbar-menu">Tags</div></a><a href="/bangumi/" class="button"><div class="navbar-menu">Anime</div></a><a href="/links/" class="button"><div class="navbar-menu">Links</div></a><a href="/about/" class="button"><div class="navbar-menu">About</div></a><a href="/atom.xml" class="button"><div class="navbar-menu">RSS</div></a></div><a href="/search/" class="button"><div id="btn-search"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 
1024 1024" width="24" height="24" fill="currentColor" stroke="currentColor" stroke-width="32"><path d="M192 448c0-141.152 114.848-256 256-256s256 114.848 256 256-114.848 256-256 256-256-114.848-256-256z m710.624 409.376l-206.88-206.88A318.784 318.784 0 0 0 768 448c0-176.736-143.264-320-320-320S128 271.264 128 448s143.264 320 320 320a318.784 318.784 0 0 0 202.496-72.256l206.88 206.88 45.248-45.248z"></path></svg></div></a><a href="javaScript:void(0);" rel="external nofollow noreferrer" class="button"><div id="btn-toggle-dark"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M21 12.79A9 9 0 1 1 11.21 3 7 7 0 0 0 21 12.79z"></path></svg></div></a><a href="#" class="button" id="b2t" aria-label="Back to top" title="Back to top"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1024 1024" width="32" height="32"><path d="M233.376 722.752L278.624 768 512 534.624 745.376 768l45.248-45.248L512 444.128zM192 352h640V288H192z" fill="currentColor"></path></svg> </a><a class="dropdown-icon button" tabindex="0"><div id="btn-dropdown"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20" width="24" height="24" fill="none" stroke="currentColor" stroke-width="0.7" stroke-linecap="round" stroke-linejoin="round"><path fill="currentColor" d="M3.314,4.8h13.372c0.41,0,0.743-0.333,0.743-0.743c0-0.41-0.333-0.743-0.743-0.743H3.314c-0.41,0-0.743,0.333-0.743,0.743C2.571,4.467,2.904,4.8,3.314,4.8z M16.686,15.2H3.314c-0.41,0-0.743,0.333-0.743,0.743s0.333,0.743,0.743,0.743h13.372c0.41,0,0.743-0.333,0.743-0.743S17.096,15.2,16.686,15.2z M16.686,9.257H3.314c-0.41,0-0.743,0.333-0.743,0.743s0.333,0.743,0.743,0.743h13.372c0.41,0,0.743-0.333,0.743-0.743S17.096,9.257,16.686,9.257z"></path></svg></div></a><div class="dropdown-menus" id="dropdown-menus"><a href="/" class="dropdown-menu button">Home</a> <a href="/archives/" class="dropdown-menu button">Archives</a> <a href="/tags/" 
class="dropdown-menu button">Tags</a> <a href="/bangumi/" class="dropdown-menu button">Anime</a> <a href="/links/" class="dropdown-menu button">Links</a> <a href="/about/" class="dropdown-menu button">About</a> <a href="/atom.xml" class="dropdown-menu button">RSS</a></div></div></header><cover></cover><main><div class="post-content"><div class="post-title"><h1 class="post-title__text">Scanning a WordPress Blog's Security with WPScan</h1><div class="post-title__meta"><a href="/archives/2018/07/" class="post-meta__date button">2018-07-16</a> <span class="separate-dot"></span> <a href="/categories/%E6%8A%80%E6%9C%AF%E5%90%91/" class="button"><span class="post-meta__cats">Technical</span></a><style>.post-meta__pv{color:var(--t-l);visibility:hidden;opacity:0;transition:.2s}</style><span class="separate-dot"></span> <span class="post-meta__pv"></span></div></div><aside class="post-side"><div class="post-side__toc"><div class="toc-title">Table of Contents</div><ol class="toc"><li class="toc-item toc-level-2"><a class="toc-link" href="#%E5%87%86%E5%A4%87%E5%B7%A5%E4%BD%9C"><span class="toc-text">Preparation</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E5%B0%8F%E8%AF%95%E7%89%9B%E5%88%80"><span class="toc-text">A First Try</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%BB%93%E6%9E%9C%E6%B1%87%E6%80%BB"><span class="toc-text">Results Summary</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%BB%93%E8%AF%AD"><span class="toc-text">Conclusion</span></a></li></ol></div></aside><a class="btn-toc button" id="btn-toc" tabindex="0"><svg viewBox="0 0 1024 1024" width="32" height="32" xmlns="http://www.w3.org/2000/svg"><path d="M128 256h64V192H128zM320 256h576V192H320zM128 544h64v-64H128zM320 544h576v-64H320zM128 832h64v-64H128zM320 832h576v-64H320z" fill="currentColor"></path></svg></a><div class="toc-menus" id="toc-menus"><div class="toc-title">Table of Contents</div><ol class="toc"><li class="toc-item toc-level-2"><a class="toc-link" href="#%E5%87%86%E5%A4%87%E5%B7%A5%E4%BD%9C"><span 
class="toc-text">Preparation</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E5%B0%8F%E8%AF%95%E7%89%9B%E5%88%80"><span class="toc-text">A First Try</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%BB%93%E6%9E%9C%E6%B1%87%E6%80%BB"><span class="toc-text">Results Summary</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#%E7%BB%93%E8%AF%AD"><span class="toc-text">Conclusion</span></a></li></ol></div><article class="post post__with-toc card"><div class="post__header"><div class="post__expire" id="post-expired-notify"><p><svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 16 16" style="fill:#f5a623;stroke:#f5a623"><path fill-rule="evenodd" d="M8.893 1.5c-.183-.31-.52-.5-.887-.5s-.703.19-.886.5L.138 13.499a.98.98 0 0 0 0 1.001c.193.31.53.501.886.501h13.964c.367 0 .704-.19.877-.5a1.03 1.03 0 0 0 .01-1.002L8.893 1.5zm.133 11.497H6.987v-2.003h2.039v2.003zm0-3.004H6.987V5.987h2.039v4.006z"></path></svg> This article was last updated <span id="expire-date"></span> days ago; some of its descriptions may be outdated.</p></div><script>(()=>{var e=Date.parse("2018-07-16"),t=(new Date).getTime(),t=Math.floor((t-e)/864e5);120<=t&&(document.querySelectorAll("#expire-date")[0].innerHTML=t,document.querySelectorAll("#post-expired-notify")[0].style.display="block")})()</script></div><div class="post__content"><html><head><script>var meting_api="https://api-v2.hans362.cn/vip/?server=:server&type=:type&id=:id&r=:r"</script><script class="meting-secondary-script-marker" src="/js/Meting.min.js"></script></head><body><blockquote><p>Before we begin: the tool introduced in this article should be used for security testing only. Follow national regulations when using it; this blog accepts no responsibility.</p></blockquote><p>I recently came across a post by my neighbor <a target="_blank" rel="noopener" href="https://blog.lzh441.club">@崇宫苟道</a>, <a target="_blank" rel="noopener" href="https://blog.lzh441.club/index.php/archives/58/">"The 冻果果 post-2000s web team's plagiarism (continuously updated)"</a>, and was honestly shocked after reading it… I won't pass judgment on 冻果果's behavior for now; after all, today's topic is scanning a WordPress blog's security with WPScan. Since the 冻果果 team claims to be very capable, let's run a <s>free</s> test for them~</p><p>First, thanks to <a target="_blank" rel="noopener" 
href="https://blog.lzh441.club">@崇宫苟道</a> for the information: the site's home page is a forum built on WordPress. I really learned something new… WP can be used to build a forum too.</p><p>So let's pull out WPScan and scan it~</p><p>(Lots of code blocks ahead~ To avoid cluttering the home page, the post is folded; click below to continue reading.)</p><span id="more"></span><h2 id="准备工作"><a class="markdownIt-Anchor" href="#准备工作"></a> Preparation</h2><p>Ahem… I forgot that I haven't explained how to install it yet.</p><p>Prepare a Linux system. Kali Linux is recommended: it already ships with WPScan, so no installation is needed.</p><p>This article, however, uses Ubuntu on WSL <s>don't ask why</s> (smirk)</p><p>Install Git and the required components:</p><pre><code class="hljs q">sudo apt-<span class="hljs-built_in">get</span> install git libcurl4-openssl-<span class="hljs-built_in">dev</span> libxml2 libxml2-<span class="hljs-built_in">dev</span> libxslt1-<span class="hljs-built_in">dev</span> build-essential libgmp-<span class="hljs-built_in">dev</span> zlib1g-<span class="hljs-built_in">dev</span></code></pre><p>Install Ruby 2.3:</p><pre><code class="hljs vim">sudo apt-<span class="hljs-built_in">get</span> -<span class="hljs-keyword">y</span> install software-properties-common
sudo apt-<span class="hljs-built_in">add</span>-repository <span class="hljs-keyword">pp</span><span class="hljs-variable">a:brightbox</span>/<span class="hljs-keyword">ruby</span>-ng
sudo apt-<span class="hljs-built_in">get</span> <span class="hljs-keyword">update</span>
sudo apt-<span class="hljs-built_in">get</span> -<span class="hljs-keyword">y</span> install ruby2.<span class="hljs-number">3</span>
sudo apt-<span class="hljs-built_in">get</span> install ruby2.<span class="hljs-number">3</span>-dev
gem <span class="hljs-keyword">update</span> --<span class="hljs-built_in">system</span>
gem install rubygems-<span class="hljs-keyword">update</span>
update_rubygems</code></pre><p>Next, clone WPScan and install it:</p><pre><code class="hljs awk">git clone https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/wpscanteam/</span>wpscan.git
cd wpscan
sudo gem install bundler &amp;&amp; bundle install --without test</code></pre><p>And that's it~</p><p><img src="https://hans362-img.oss.0vv0.top/2018/07/16/3600694451.png?width=1920" class="lazy" data-srcset="https://hans362-img.oss.0vv0.top/2018/07/16/3600694451.png?width=1920" srcset="/loading.gif" alt="捕获.PNG"></p><h2 id="小试牛刀"><a class="markdownIt-Anchor" href="#小试牛刀"></a> A First Try</h2><p>Run <code>./wpscan.rb</code> to see the usage notes~</p><pre><code class="hljs jboss-cli">hans362@WIN-562CUJC625F:~<span class="hljs-string">/wpscan</span>$ <span class="hljs-string">./wpscan.rb</span>
_______________________________________________________________
__ _______ _____
\ \ / / __ \ / ____|
\ \ /\ / /| |__) | <span class="hljs-params">(___ ___ __ _ _ __ ®</span>
<span class="hljs-params"> \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \</span>
<span class="hljs-params"> \ /\ / | | ____)</span> | <span class="hljs-params">(__| (_| | | | |</span>
<span class="hljs-params"> \/ \/ |_| |_____/ \___|\__,_|_| |_|</span>
<span class="hljs-params"></span>
<span class="hljs-params"> WordPress Security Scanner by the WPScan Team</span>
<span class="hljs-params"> Version 2.9.5-dev</span>
<span class="hljs-params"> Sponsored by Sucuri - https://sucuri.net</span>
<span class="hljs-params"> @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_</span>
<span class="hljs-params">_______________________________________________________________</span>
<span class="hljs-params"></span>
<span class="hljs-params"></span>
<span class="hljs-params">Examples :</span>
<span class="hljs-params"></span>
<span class="hljs-params">-Further help ...</span>
<span class="hljs-params">ruby ./wpscan.rb --help</span>
<span class="hljs-params"></span>
<span class="hljs-params">-Do 'non-intrusive' checks ...</span>
<span class="hljs-params">ruby ./wpscan.rb --url www.example.com</span>
<span class="hljs-params"></span>
<span class="hljs-params">-Do wordlist password brute force on enumerated users using 50 threads ...</span>
<span class="hljs-params">ruby ./wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50</span>
<span class="hljs-params"></span>
<span class="hljs-params">-Do wordlist password brute force on the 'admin' username only ...</span>
<span class="hljs-params">ruby ./wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin</span>
<span class="hljs-params"></span>
<span class="hljs-params">-Enumerate installed plugins ...</span>
<span class="hljs-params">ruby ./wpscan.rb --url www.example.com --enumerate p</span>
<span class="hljs-params"></span>
<span class="hljs-params">-Enumerate installed themes ...</span>
<span class="hljs-params">ruby ./wpscan.rb --url www.example.com --enumerate t</span>
<span class="hljs-params"></span>
<span class="hljs-params">-Enumerate users (from 1 - 10)</span><span class="hljs-string">...</span>
ruby <span class="hljs-string">./wpscan.rb</span> <span class="hljs-params">--url</span> www.example.com <span class="hljs-params">--enumerate</span> u
-Enumerate users <span class="hljs-params">(from 1 - 20)</span><span class="hljs-string">...</span>
ruby <span class="hljs-string">./wpscan.rb</span> <span class="hljs-params">--url</span> www.example.com <span class="hljs-params">--enumerate</span> u[1-20]
-Enumerate installed timthumbs <span class="hljs-string">...</span>
ruby <span class="hljs-string">./wpscan.rb</span> <span class="hljs-params">--url</span> www.example.com <span class="hljs-params">--enumerate</span> tt
-Use a HTTP proxy <span class="hljs-string">...</span>
ruby <span class="hljs-string">./wpscan.rb</span> <span class="hljs-params">--url</span> www.example.com <span class="hljs-params">--proxy</span> 127.0.0.1<span class="hljs-function">:8118</span>
-Use a SOCKS5 proxy <span class="hljs-string">...</span> <span class="hljs-params">(cURL &gt;= v7.21.7 needed)</span>
ruby <span class="hljs-string">./wpscan.rb</span> <span class="hljs-params">--url</span> www.example.com <span class="hljs-params">--proxy</span> socks5:<span class="hljs-string">//127.0.0.1</span><span class="hljs-function">:9000</span>
-Use custom content directory <span class="hljs-string">...</span>
ruby <span class="hljs-string">./wpscan.rb</span> -u www.example.com <span class="hljs-params">--wp-content-dir</span> custom-content
-Use custom plugins directory <span class="hljs-string">...</span>
ruby <span class="hljs-string">./wpscan.rb</span> -u www.example.com <span class="hljs-params">--wp-plugins-dir</span> wp-content/custom-plugins
-Update the Database <span class="hljs-string">...</span>
ruby <span class="hljs-string">./wpscan.rb</span> <span class="hljs-params">--update</span>
-Debug output <span class="hljs-string">...</span>
ruby <span class="hljs-string">./wpscan.rb</span> <span class="hljs-params">--url</span> www.example.com <span class="hljs-params">--debug-output</span> 2&gt;debug.log
See README for further information.
[!] No argument supplied</code></pre><p>So… let's try it on 冻果果's forum~</p><pre><code class="hljs stylus">./wpscan<span class="hljs-selector-class">.rb</span> -u www<span class="hljs-selector-class">.dongguoshare</span>.com</code></pre><p>Then go make a cup of coffee~ and wait for the script to finish.</p><p>Well, the final scan results are as follows:</p><pre><code class="hljs less"><span class="hljs-selector-tag">root</span>@<span class="hljs-selector-tag">WIN-562CUJC625F</span>:/<span class="hljs-selector-tag">home</span>/<span class="hljs-selector-tag">hans362</span>/<span class="hljs-selector-tag">wpscan</span># ./<span class="hljs-selector-tag">wpscan</span><span class="hljs-selector-class">.rb</span> <span class="hljs-selector-tag">-u</span> <span class="hljs-selector-tag">www</span><span class="hljs-selector-class">.dongguoshare</span><span class="hljs-selector-class">.com</span>
<span class="hljs-selector-tag">_______________________________________________________________</span>
<span class="hljs-selector-tag">__</span> <span class="hljs-selector-tag">_______</span> <span class="hljs-selector-tag">_____</span>
\ \ / / <span class="hljs-selector-tag">__</span> \ / <span class="hljs-selector-tag">____</span>|
\ \ /\ / /| |<span class="hljs-selector-tag">__</span>) | (___ ___ __ _ _ __ ®
\ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \
\ /\ / | | ____) | (__| (_| | | | |
\/ \/ |_| |_____/ \___|\__,_|_| |_|
WordPress Security Scanner by the WPScan Team
Version <span class="hljs-number">2.9</span>.<span class="hljs-number">5</span>-dev
Sponsored by Sucuri - <span class="hljs-attribute">https</span>:<span class="hljs-comment">//sucuri.net</span>
<span class="hljs-variable">@_WPScan_</span>, <span class="hljs-variable">@ethicalhack3r</span>, <span class="hljs-variable">@erwan_lr</span>, <span class="hljs-variable">@_FireFart_</span>
_______________________________________________________________
[i] It seems like you have <span class="hljs-keyword">not</span> updated the database for some time
[?] Do you want to <span class="hljs-attribute">update</span> now? [Y]es [N]o [A]bort <span class="hljs-attribute">update</span>, <span class="hljs-attribute">default</span>: [N] &gt; y
[i] Updating the Database ...
[i] <span class="hljs-attribute">Update</span> completed
[i] The remote host tried to redirect <span class="hljs-attribute">to</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/</span>
[?] Do you want follow the redirection ? [Y]es [N]o [A]bort, <span class="hljs-attribute">default</span>: [N] &gt;y
[+] <span class="hljs-attribute">URL</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/</span>
[+] <span class="hljs-attribute">Started</span>: Sun Jul <span class="hljs-number">15</span> <span class="hljs-number">15</span>:<span class="hljs-number">22</span>:<span class="hljs-number">26</span> <span class="hljs-number">2018</span>
[+] Interesting <span class="hljs-attribute">header</span>: <span class="hljs-attribute">EAGLEID</span>: <span class="hljs-number">7</span>ae3a4a615316393468481471e
[+] Interesting <span class="hljs-attribute">header</span>: <span class="hljs-attribute">LINK</span>: &lt;<span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-json/&gt;; rel="https://api.w.org/", &lt;https://www.dongguoshare.com/&gt;; rel=shortlink</span>
[+] Interesting <span class="hljs-attribute">header</span>: <span class="hljs-attribute">SERVER</span>: Tengine
[+] Interesting <span class="hljs-attribute">header</span>: <span class="hljs-attribute">SET-COOKIE</span>: gdbbx_tracking_activity=<span class="hljs-number">1531639348</span>; expires=Fri, <span class="hljs-number">11</span>-Jan-<span class="hljs-number">2019</span> <span class="hljs-number">07</span>:<span class="hljs-number">22</span>:<span class="hljs-number">28</span> GMT; Max-Age=<span class="hljs-number">15552000</span>; path=/
[+] Interesting <span class="hljs-attribute">header</span>: <span class="hljs-attribute">TIMING-ALLOW-ORIGIN</span>: *
[+] Interesting <span class="hljs-attribute">header</span>: <span class="hljs-attribute">VIA</span>: cache1.l2et2[<span class="hljs-number">2918</span>,<span class="hljs-number">200</span>-<span class="hljs-number">0</span>,M], cache46.l2et2[<span class="hljs-number">2918</span>,<span class="hljs-number">0</span>], kunlun8.cn198[<span class="hljs-number">2944</span>,<span class="hljs-number">200</span>-<span class="hljs-number">0</span>,M], kunlun6.cn198[<span class="hljs-number">2945</span>,<span class="hljs-number">0</span>]
[+] Interesting <span class="hljs-attribute">header</span>: <span class="hljs-attribute">X-CACHE</span>: MISS TCP_MISS <span class="hljs-attribute">dirn</span>:<span class="hljs-attribute">-2</span>:-<span class="hljs-number">2</span> <span class="hljs-attribute">mlen</span>:-<span class="hljs-number">1</span>
[+] Interesting <span class="hljs-attribute">header</span>: <span class="hljs-attribute">X-SWIFT-CACHETIME</span>: <span class="hljs-number">0</span>
[+] Interesting <span class="hljs-attribute">header</span>: <span class="hljs-attribute">X-SWIFT-SAVETIME</span>: Sun, <span class="hljs-number">15</span> Jul <span class="hljs-number">2018</span> <span class="hljs-number">07</span>:<span class="hljs-number">22</span>:<span class="hljs-number">29</span> GMT
[+] robots.txt available <span class="hljs-attribute">under</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/robots.txt [HTTP 200]</span>
[+] This site has <span class="hljs-string">'Must Use Plugins'</span> (<span class="hljs-attribute">http</span>:<span class="hljs-comment">//codex.wordpress.org/Must_Use_Plugins)</span>
[+] XML-RPC Interface available <span class="hljs-attribute">under</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/xmlrpc.php [HTTP 405]</span>
[+] API <span class="hljs-attribute">exposed</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-json/ [HTTP 200]</span>
[!] <span class="hljs-number">8</span> users exposed via <span class="hljs-attribute">API</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-json/wp/v2/users</span>
+------+------------+---------------------------------------------------------+
| ID | Name | URL |
+------+------------+---------------------------------------------------------+
| <span class="hljs-number">1</span> | Galaxy | <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/articles/author/xianghui |</span>
| <span class="hljs-number">30</span> | 露娜 | <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/articles/author/luna |</span>
| <span class="hljs-number">38</span> | 歌者 | <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/articles/author/none |</span>
| <span class="hljs-number">41</span> | 清姬 | <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/articles/author/kiyohime |</span>
| <span class="hljs-number">71</span> | <span class="hljs-variable">@wyf</span> | <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/articles/author/wyf |</span>
| <span class="hljs-number">87</span> | 天鹰 | <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/articles/author/fengtingyi |</span>
| <span class="hljs-number">1290</span> | Monicfenga | <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/articles/author/monicfenga |</span>
| <span class="hljs-number">1462</span> | 冻果小精灵 | <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/articles/author/dgg-notify |</span>
+------+------------+---------------------------------------------------------+
[+] Found an RSS <span class="hljs-attribute">Feed</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/activity/feed/ [HTTP 200]</span>
[!] Missing Author field. Maybe non-standard WordPress RSS feed?
[+] Enumerating WordPress version ...
[+] WordPress version <span class="hljs-number">4.8</span> (Released on <span class="hljs-number">2017</span>-<span class="hljs-number">06</span>-<span class="hljs-number">08</span>) identified from sitemap generator
[!] <span class="hljs-number">18</span> vulnerabilities identified from the version number
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">2.3</span>.<span class="hljs-number">0</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - $wpdb-&gt;<span class="hljs-built_in">prepare</span>() potential SQL Injection
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8905</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/70b21279098fc973eae803693c0705a548128e48</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/fc930d3daed1c3acef010d04acc2c5de93cd18ec</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">2.9</span>.<span class="hljs-number">2</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - Open Redirect
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8910</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//core.trac.wordpress.org/changeset/41398</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14725</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">3.0</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - Path Traversal in Unzipping
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8911</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//core.trac.wordpress.org/changeset/41457</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14719</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">4.4</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - Path Traversal in Customizer
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8912</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//core.trac.wordpress.org/changeset/41397</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14722</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">4.4</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - Cross-Site <span class="hljs-attribute">Scripting</span> (XSS) in oEmbed
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8913</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//core.trac.wordpress.org/changeset/41448</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14724</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">4.2</span>.<span class="hljs-number">3</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - Authenticated Cross-Site <span class="hljs-attribute">Scripting</span> (XSS) in Visual Editor
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8914</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/09/wordpress-4-8-2-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//core.trac.wordpress.org/changeset/41395</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//blog.sucuri.net/2017/09/stored-cross-site-scripting-vulnerability-in-wordpress-4-8-1.html</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14726</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">2.3</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">3</span> - Host Header Injection in Password Reset
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8807</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//exploitbox.io/vuln/WordPress-Exploit-4-7-Unauth-Password-Reset-0day-CVE-2017-8295.html</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">http</span>:<span class="hljs-comment">//blog.dewhurstsecurity.com/2017/05/04/exploitbox-wordpress-security-advisories.html</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//core.trac.wordpress.org/ticket/25239</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8295</span>
[!] <span class="hljs-attribute">Title</span>: WordPress &lt;= <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span> - $wpdb-&gt;<span class="hljs-built_in">prepare</span>() Weakness
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8941</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/10/wordpress-4-8-3-security-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/a2693fd8602e3263b5925b9d799ddd577202167d</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//twitter.com/ircmaxell/status/923662170092638208</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16510</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">3</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">2.8</span>.<span class="hljs-number">6</span>-<span class="hljs-number">4.9</span> - Authenticated JavaScript File Upload
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8966</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/67d03a98c2cae5f41843c897f206adde299b0509</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17092</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">4</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">1.5</span>.<span class="hljs-number">0</span>-<span class="hljs-number">4.9</span> - RSS <span class="hljs-keyword">and</span> Atom Feed Escaping
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8967</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/f1de7e42df29395c3314bf85bff3d1f4f90541de</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17094</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">4</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">4.3</span>.<span class="hljs-number">0</span>-<span class="hljs-number">4.9</span> - HTML Language Attribute Escaping
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8968</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/3713ac5ebc90fb2011e98dfd691420f43da6c09a</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17093</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">4</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">3.7</span>-<span class="hljs-number">4.9</span> - <span class="hljs-string">'newbloguser'</span> Key Weak Hashing
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8969</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2017/11/wordpress-4-9-1-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/eaf1cfdc1fe0bdffabd8d879c591b864d833326c</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17091</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">4</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">3.7</span>-<span class="hljs-number">4.9</span>.<span class="hljs-number">1</span> - MediaElement Cross-Site <span class="hljs-attribute">Scripting</span> (XSS)
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/9006</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/3fe9cb61ee71fcfadb5e002399296fcc1198d850</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2018/01/wordpress-4-9-2-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//core.trac.wordpress.org/ticket/42720</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5776</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">5</span>
[!] <span class="hljs-attribute">Title</span>: WordPress &lt;= <span class="hljs-number">4.9</span>.<span class="hljs-number">4</span> - Application Denial of Service (DoS) (unpatched)
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/9021</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/quitten/doser.py</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//thehackernews.com/2018/02/wordpress-dos-exploit.html</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">3.7</span>-<span class="hljs-number">4.9</span>.<span class="hljs-number">4</span> - Remove localhost Default
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/9053</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/804363859602d4050d9a38a21f5a65d9aec18216</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10101</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">6</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">3.7</span>-<span class="hljs-number">4.9</span>.<span class="hljs-number">4</span> - Use Safe Redirect for Login
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/9054</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/14bc2c0a6fde0da04b47130707e01df850eedc7e</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10100</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">6</span>
[!] <span class="hljs-attribute">Title</span>: WordPress <span class="hljs-number">3.7</span>-<span class="hljs-number">4.9</span>.<span class="hljs-number">4</span> - Escape Version in Generator Tag
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/9055</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/31a4369366d6b8ce30045d4c838de2412c77850d</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10102</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">6</span>
[!] <span class="hljs-attribute">Title</span>: WordPress &lt;= <span class="hljs-number">4.9</span>.<span class="hljs-number">6</span> - Authenticated Arbitrary File Deletion
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/9100</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//blog.ripstech.com/2018/wordpress-file-delete-to-code-execution/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">http</span>:<span class="hljs-comment">//blog.vulnspy.com/2018/06/27/Wordpress-4-9-6-Arbitrary-File-Delection-Vulnerbility-Exploit/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//github.com/WordPress/WordPress/commit/c9dce0606b0d7e6f494d4abe7b193ac046a322cd</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wordpress.org/news/2018/07/wordpress-4-9-7-security-and-maintenance-release/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.wordfence.com/blog/2018/07/details-of-an-additional-file-deletion-vulnerability-patched-in-wordpress-4-9-7/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12895</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">7</span>
[+] WordPress theme in <span class="hljs-attribute">use</span>: buddyapp - v1.<span class="hljs-number">5.3</span>
[+] <span class="hljs-attribute">Name</span>: buddyapp - v1.<span class="hljs-number">5.3</span>
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/themes/buddyapp/</span>
| Style <span class="hljs-attribute">URL</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/themes/buddyapp/style.css</span>
| Referenced style.<span class="hljs-attribute">css</span>: wp-content/themes/buddyapp/assets/fonts/style.css
| Theme <span class="hljs-attribute">Name</span>: BuddyApp
| Theme <span class="hljs-attribute">URI</span>: <span class="hljs-attribute">http</span>:<span class="hljs-comment">//seventhqueen.com/themes/buddyapp</span>
| <span class="hljs-attribute">Description</span>: First Mobile Private Community Premium WordPress Theme
| <span class="hljs-attribute">Author</span>: SeventhQueen
| Author <span class="hljs-attribute">URI</span>: <span class="hljs-attribute">http</span>:<span class="hljs-comment">//themeforest.net/user/SeventhQueen</span>
[+] Enumerating plugins from passive detection ...
| <span class="hljs-number">11</span> plugins <span class="hljs-attribute">found</span>:
[+] <span class="hljs-attribute">Name</span>: bbp-user-ranking - v2.<span class="hljs-number">7</span>
| Latest <span class="hljs-attribute">version</span>: <span class="hljs-number">2.7</span> (up to date)
| Last <span class="hljs-attribute">updated</span>: <span class="hljs-number">2017</span><span class="hljs-attribute">-12-08T18</span>:<span class="hljs-number">18</span>:<span class="hljs-number">00.000</span>Z
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/bbp-user-ranking/</span>
| <span class="hljs-attribute">Readme</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/bbp-user-ranking/readme.txt</span>
[+] <span class="hljs-attribute">Name</span>: bbpress - v2.<span class="hljs-number">5.14</span>
| Latest <span class="hljs-attribute">version</span>: <span class="hljs-number">2.5</span>.<span class="hljs-number">14</span> (up to date)
| Last <span class="hljs-attribute">updated</span>: <span class="hljs-number">2017</span><span class="hljs-attribute">-10-13T18</span>:<span class="hljs-number">29</span>:<span class="hljs-number">00.000</span>Z
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/bbpress/</span>
| <span class="hljs-attribute">Readme</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/bbpress/readme.txt</span>
[+] <span class="hljs-attribute">Name</span>: buddypress - v2.<span class="hljs-number">9.4</span>
| Last <span class="hljs-attribute">updated</span>: <span class="hljs-number">2018</span><span class="hljs-attribute">-06-05T19</span>:<span class="hljs-number">44</span>:<span class="hljs-number">00.000</span>Z
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/buddypress/</span>
| <span class="hljs-attribute">Readme</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/buddypress/readme.txt</span>
[!] The version is out of date, the latest version is <span class="hljs-number">3.1</span>.<span class="hljs-number">0</span>
[+] <span class="hljs-attribute">Name</span>: buddypress-global-search - v1.<span class="hljs-number">1.8</span>
| Last <span class="hljs-attribute">updated</span>: <span class="hljs-number">2018</span><span class="hljs-attribute">-05-24T06</span>:<span class="hljs-number">56</span>:<span class="hljs-number">00.000</span>Z
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/buddypress-global-search/</span>
| <span class="hljs-attribute">Readme</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/buddypress-global-search/readme.txt</span>
[!] The version is out of date, the latest version is <span class="hljs-number">1.1</span>.<span class="hljs-number">9</span>
[+] <span class="hljs-attribute">Name</span>: buddypress-media - v4.<span class="hljs-number">4.7</span>
| Last <span class="hljs-attribute">updated</span>: <span class="hljs-number">2018</span><span class="hljs-attribute">-07-11T12</span>:<span class="hljs-number">48</span>:<span class="hljs-number">00.000</span>Z
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/buddypress-media/</span>
| <span class="hljs-attribute">Readme</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/buddypress-media/readme.txt</span>
[!] The version is out of date, the latest version is <span class="hljs-number">4.5</span>.<span class="hljs-number">2</span>
[+] <span class="hljs-attribute">Name</span>: gears
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/gears/</span>
[+] <span class="hljs-attribute">Name</span>: image-upload-for-bbpress - v1.<span class="hljs-number">1.15</span>
| Latest <span class="hljs-attribute">version</span>: <span class="hljs-number">1.1</span>.<span class="hljs-number">15</span> (up to date)
| Last <span class="hljs-attribute">updated</span>: <span class="hljs-number">2017</span><span class="hljs-attribute">-10-02T17</span>:<span class="hljs-number">49</span>:<span class="hljs-number">00.000</span>Z
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/image-upload-for-bbpress/</span>
| <span class="hljs-attribute">Readme</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/image-upload-for-bbpress/readme.txt</span>
[+] <span class="hljs-attribute">Name</span>: inline-spoilers - v1.<span class="hljs-number">3.1</span>
| Latest <span class="hljs-attribute">version</span>: <span class="hljs-number">1.3</span>.<span class="hljs-number">1</span> (up to date)
| Last <span class="hljs-attribute">updated</span>: <span class="hljs-number">2017</span><span class="hljs-attribute">-12-21T20</span>:<span class="hljs-number">30</span>:<span class="hljs-number">00.000</span>Z
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/inline-spoilers/</span>
| <span class="hljs-attribute">Readme</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/inline-spoilers/readme.txt</span>
[+] <span class="hljs-attribute">Name</span>: js_composer
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/js_composer/</span>
[!] We could <span class="hljs-keyword">not</span> determine the version installed. All of the past known vulnerabilities will be output to allow you to do your own manual investigation.
[!] <span class="hljs-attribute">Title</span>: Visual Composer &lt;= <span class="hljs-number">4.7</span>.<span class="hljs-number">3</span> - Multiple Unspecified Cross-Site <span class="hljs-attribute">Scripting</span> (XSS)
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/8208</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">http</span>:<span class="hljs-comment">//codecanyon.net/item/visual-composer-page-builder-for-wordpress/242431</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//forums.envato.com/t/visual-composer-security-vulnerability-fix/10494/7</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">4.7</span>.<span class="hljs-number">4</span>
[+] <span class="hljs-attribute">Name</span>: wp-ulike - v2.<span class="hljs-number">9.1</span>
| Last <span class="hljs-attribute">updated</span>: <span class="hljs-number">2018</span><span class="hljs-attribute">-06-27T12</span>:<span class="hljs-number">50</span>:<span class="hljs-number">00.000</span>Z
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/wp-ulike/</span>
| <span class="hljs-attribute">Readme</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/wp-ulike/readme.txt</span>
[!] The version is out of date, the latest version is <span class="hljs-number">3.4</span>
[!] <span class="hljs-attribute">Title</span>: WP ULike &lt;= <span class="hljs-number">3.1</span> - Unauthenticated Stored XSS
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//wpvulndb.com/vulnerabilities/9083</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//advisories.dxw.com/advisories/stored-xss-wp-ulike/</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//plugins.trac.wordpress.org/changeset/1863114/wp-ulike</span>
<span class="hljs-attribute">Reference</span>: <span class="hljs-attribute">http</span>:<span class="hljs-comment">//seclists.org/fulldisclosure/2018/May/33</span>
[i] Fixed <span class="hljs-attribute">in</span>: <span class="hljs-number">3.2</span>
[+] <span class="hljs-attribute">Name</span>: yet-another-related-posts-plugin - v4.<span class="hljs-number">4</span>
| Latest <span class="hljs-attribute">version</span>: <span class="hljs-number">4.4</span> (up to date)
| Last <span class="hljs-attribute">updated</span>: <span class="hljs-number">2017</span><span class="hljs-attribute">-01-31T15</span>:<span class="hljs-number">17</span>:<span class="hljs-number">00.000</span>Z
| <span class="hljs-attribute">Location</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/yet-another-related-posts-plugin/</span>
| <span class="hljs-attribute">Readme</span>: <span class="hljs-attribute">https</span>:<span class="hljs-comment">//www.dongguoshare.com/wp-content/plugins/yet-another-related-posts-plugin/readme.txt</span>
[+] <span class="hljs-attribute">Finished</span>: Sun Jul <span class="hljs-number">15</span> <span class="hljs-number">15</span>:<span class="hljs-number">38</span>:<span class="hljs-number">00</span> <span class="hljs-number">2018</span>
[+] Elapsed <span class="hljs-attribute">time</span>: <span class="hljs-number">00</span>:<span class="hljs-number">15</span>:<span class="hljs-number">34</span>
[+] Requests <span class="hljs-attribute">made</span>: <span class="hljs-number">479</span>
[!] -Infinity</code></pre><h2 id="结果汇总"><a class="markdownIt-Anchor" href="#结果汇总"></a> Summary of Results</h2><p>We mainly pay attention to the lines marked with an exclamation mark ([!]), which indicate that a vulnerability may exist.</p><pre><code class="hljs awk">[+] WordPress version <span class="hljs-number">4.8</span> (Released on <span class="hljs-number">2017</span>-<span class="hljs-number">06</span>-<span class="hljs-number">08</span>) identified from sitemap generator
[!] <span class="hljs-number">18</span> vulnerabilities identified from the version number
[!] Title: WordPress <span class="hljs-number">2.3</span>.<span class="hljs-number">0</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - <span class="hljs-variable">$wpdb</span>-&gt;prepare() potential SQL Injection
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8905</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/09/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">8</span>-<span class="hljs-number">2</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span><span class="hljs-number">70</span>b21279098fc973eae803693c0705a548128e48
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span>fc930d3daed1c3acef010d04acc2c5de93cd18ec
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] Title: WordPress <span class="hljs-number">2.9</span>.<span class="hljs-number">2</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - Open Redirect
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8910</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/09/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">8</span>-<span class="hljs-number">2</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//</span>core.trac.wordpress.org<span class="hljs-regexp">/changeset/</span><span class="hljs-number">41398</span>
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">14725</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] Title: WordPress <span class="hljs-number">3.0</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - Path Traversal <span class="hljs-keyword">in</span> Unzipping
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8911</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/09/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">8</span>-<span class="hljs-number">2</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//</span>core.trac.wordpress.org<span class="hljs-regexp">/changeset/</span><span class="hljs-number">41457</span>
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">14719</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] Title: WordPress <span class="hljs-number">4.4</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - Path Traversal <span class="hljs-keyword">in</span> Customizer
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8912</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/09/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">8</span>-<span class="hljs-number">2</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//</span>core.trac.wordpress.org<span class="hljs-regexp">/changeset/</span><span class="hljs-number">41397</span>
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">14722</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] Title: WordPress <span class="hljs-number">4.4</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - Cross-Site Scripting (XSS) <span class="hljs-keyword">in</span> oEmbed
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8913</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/09/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">8</span>-<span class="hljs-number">2</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//</span>core.trac.wordpress.org<span class="hljs-regexp">/changeset/</span><span class="hljs-number">41448</span>
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">14724</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] Title: WordPress <span class="hljs-number">4.2</span>.<span class="hljs-number">3</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">1</span> - Authenticated Cross-Site Scripting (XSS) <span class="hljs-keyword">in</span> Visual Editor
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8914</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/09/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">8</span>-<span class="hljs-number">2</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//</span>core.trac.wordpress.org<span class="hljs-regexp">/changeset/</span><span class="hljs-number">41395</span>
Reference: https:<span class="hljs-regexp">//</span>blog.sucuri.net<span class="hljs-regexp">/2017/</span><span class="hljs-number">09</span>/stored-cross-site-scripting-vulnerability-<span class="hljs-keyword">in</span>-wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">8</span>-<span class="hljs-number">1</span>.html
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">14726</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span>
[!] Title: WordPress <span class="hljs-number">2.3</span>-<span class="hljs-number">4.8</span>.<span class="hljs-number">3</span> - Host Header Injection <span class="hljs-keyword">in</span> Password Reset
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8807</span>
Reference: https:<span class="hljs-regexp">//</span>exploitbox.io<span class="hljs-regexp">/vuln/</span>WordPress-Exploit-<span class="hljs-number">4</span>-<span class="hljs-number">7</span>-Unauth-Password-Reset-<span class="hljs-number">0</span>day-CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">8295</span>.html
Reference: http:<span class="hljs-regexp">//</span>blog.dewhurstsecurity.com<span class="hljs-regexp">/2017/</span><span class="hljs-number">05</span><span class="hljs-regexp">/04/</span>exploitbox-wordpress-security-advisories.html
Reference: https:<span class="hljs-regexp">//</span>core.trac.wordpress.org<span class="hljs-regexp">/ticket/</span><span class="hljs-number">25239</span>
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">8295</span>
[!] Title: WordPress &lt;= <span class="hljs-number">4.8</span>.<span class="hljs-number">2</span> - <span class="hljs-variable">$wpdb</span>-&gt;prepare() Weakness
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8941</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/10/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">8</span>-<span class="hljs-number">3</span>-security-release/
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span>a2693fd8602e3263b5925b9d799ddd577202167d
Reference: https:<span class="hljs-regexp">//</span>twitter.com<span class="hljs-regexp">/ircmaxell/</span>status/<span class="hljs-number">923662170092638208</span>
Reference: https:<span class="hljs-regexp">//</span>blog.ircmaxell.com<span class="hljs-regexp">/2017/</span><span class="hljs-number">10</span>/disclosure-wordpress-wpdb-sql-injection-technical.html
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">16510</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">3</span>
[!] Title: WordPress <span class="hljs-number">2.8</span>.<span class="hljs-number">6</span>-<span class="hljs-number">4.9</span> - Authenticated JavaScript File Upload
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8966</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/11/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">1</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span><span class="hljs-number">67</span>d03a98c2cae5f41843c897f206adde299b0509
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">17092</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">4</span>
[!] Title: WordPress <span class="hljs-number">1.5</span>.<span class="hljs-number">0</span>-<span class="hljs-number">4.9</span> - RSS and Atom Feed Escaping
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8967</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/11/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">1</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span>f1de7e42df29395c3314bf85bff3d1f4f90541de
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">17094</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">4</span>
[!] Title: WordPress <span class="hljs-number">4.3</span>.<span class="hljs-number">0</span>-<span class="hljs-number">4.9</span> - HTML Language Attribute Escaping
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8968</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/11/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">1</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span><span class="hljs-number">3713</span>ac5ebc90fb2011e98dfd691420f43da6c09a
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">17093</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">4</span>
[!] Title: WordPress <span class="hljs-number">3.7</span>-<span class="hljs-number">4.9</span> - <span class="hljs-string">'newbloguser'</span> Key Weak Hashing
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">8969</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2017</span><span class="hljs-regexp">/11/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">1</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span>eaf1cfdc1fe0bdffabd8d879c591b864d833326c
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2017</span>-<span class="hljs-number">17091</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">4</span>
[!] Title: WordPress <span class="hljs-number">3.7</span>-<span class="hljs-number">4.9</span>.<span class="hljs-number">1</span> - MediaElement Cross-Site Scripting (XSS)
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">9006</span>
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span><span class="hljs-number">3</span>fe9cb61ee71fcfadb5e002399296fcc1198d850
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2018</span><span class="hljs-regexp">/01/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">2</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//</span>core.trac.wordpress.org<span class="hljs-regexp">/ticket/</span><span class="hljs-number">42720</span>
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2018</span>-<span class="hljs-number">5776</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">5</span>
[!] Title: WordPress &lt;= <span class="hljs-number">4.9</span>.<span class="hljs-number">4</span> - Application Denial of Service (DoS) (unpatched)
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">9021</span>
Reference: https:<span class="hljs-regexp">//</span>baraktawily.blogspot.fr<span class="hljs-regexp">/2018/</span><span class="hljs-number">02</span>/how-to-dos-<span class="hljs-number">29</span>-of-world-wide-websites.html
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/quitten/</span>doser.py
Reference: https:<span class="hljs-regexp">//</span>thehackernews.com<span class="hljs-regexp">/2018/</span><span class="hljs-number">02</span>/wordpress-dos-exploit.html
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2018</span>-<span class="hljs-number">6389</span>
[!] Title: WordPress <span class="hljs-number">3.7</span>-<span class="hljs-number">4.9</span>.<span class="hljs-number">4</span> - Remove localhost Default
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">9053</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2018</span><span class="hljs-regexp">/04/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">5</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span><span class="hljs-number">804363859602</span>d4050d9a38a21f5a65d9aec18216
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2018</span>-<span class="hljs-number">10101</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">6</span>
[!] Title: WordPress <span class="hljs-number">3.7</span>-<span class="hljs-number">4.9</span>.<span class="hljs-number">4</span> - Use Safe Redirect <span class="hljs-keyword">for</span> Login
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">9054</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2018</span><span class="hljs-regexp">/04/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">5</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span><span class="hljs-number">14</span>bc2c0a6fde0da04b47130707e01df850eedc7e
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2018</span>-<span class="hljs-number">10100</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">6</span>
[!] Title: WordPress <span class="hljs-number">3.7</span>-<span class="hljs-number">4.9</span>.<span class="hljs-number">4</span> - Escape Version <span class="hljs-keyword">in</span> Generator Tag
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">9055</span>
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2018</span><span class="hljs-regexp">/04/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">5</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span><span class="hljs-number">31</span>a4369366d6b8ce30045d4c838de2412c77850d
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2018</span>-<span class="hljs-number">10102</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">6</span>
[!] Title: WordPress &lt;= <span class="hljs-number">4.9</span>.<span class="hljs-number">6</span> - Authenticated Arbitrary File Deletion
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">9100</span>
Reference: https:<span class="hljs-regexp">//</span>blog.ripstech.com<span class="hljs-regexp">/2018/</span>wordpress-file-<span class="hljs-keyword">delete</span>-to-code-execution/
Reference: http:<span class="hljs-regexp">//</span>blog.vulnspy.com<span class="hljs-regexp">/2018/</span><span class="hljs-number">06</span><span class="hljs-regexp">/27/</span>Wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">6</span>-Arbitrary-File-Delection-Vulnerbility-Exploit/
Reference: https:<span class="hljs-regexp">//gi</span>thub.com<span class="hljs-regexp">/WordPress/</span>WordPress<span class="hljs-regexp">/commit/</span>c9dce0606b0d7e6f494d4abe7b193ac046a322cd
Reference: https:<span class="hljs-regexp">//</span>wordpress.org<span class="hljs-regexp">/news/</span><span class="hljs-number">2018</span><span class="hljs-regexp">/07/</span>wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">7</span>-security-and-maintenance-release/
Reference: https:<span class="hljs-regexp">//</span>www.wordfence.com<span class="hljs-regexp">/blog/</span><span class="hljs-number">2018</span><span class="hljs-regexp">/07/</span>details-of-an-additional-file-deletion-vulnerability-patched-<span class="hljs-keyword">in</span>-wordpress-<span class="hljs-number">4</span>-<span class="hljs-number">9</span>-<span class="hljs-number">7</span>/
Reference: https:<span class="hljs-regexp">//</span>cve.mitre.org<span class="hljs-regexp">/cgi-bin/</span>cvename.cgi?name=CVE-<span class="hljs-number">2018</span>-<span class="hljs-number">12895</span>
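[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">4.8</span>.<span class="hljs-number">7</span></code></pre><p>First, note that the WordPress version is only 4.8. Is Dongguoguo (冻果果) really that bold? How long has it gone without an update? In total, 18 exploitable vulnerabilities were detected, and based on my attempts, two of them are very likely to be exploitable.</p><p>Next, look at the themes and plugins. Things are acceptable here; the main finding is a high-severity vulnerability in the Ulike like-button plugin, and it is very easy to carry out.</p><pre><code class="hljs awk">[+] Name: wp-ulike - v2.<span class="hljs-number">9.1</span>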
| Last updated: <span class="hljs-number">2018</span>-<span class="hljs-number">06</span>-<span class="hljs-number">27</span>T12:<span class="hljs-number">50</span>:<span class="hljs-number">00.000</span>Z
| Location: https:<span class="hljs-regexp">//</span>www.dongguoshare.com<span class="hljs-regexp">/wp-content/</span>plugins<span class="hljs-regexp">/wp-ulike/</span>
| Readme: https:<span class="hljs-regexp">//</span>www.dongguoshare.com<span class="hljs-regexp">/wp-content/</span>plugins<span class="hljs-regexp">/wp-ulike/</span>readme.txt
[!] The version is out of date, the latest version is <span class="hljs-number">3.4</span>
[!] Title: WP ULike &lt;= <span class="hljs-number">3.1</span> - Unauthenticated Stored XSS
Reference: https:<span class="hljs-regexp">//</span>wpvulndb.com<span class="hljs-regexp">/vulnerabilities/</span><span class="hljs-number">9083</span>
Reference: https:<span class="hljs-regexp">//</span>advisories.dxw.com<span class="hljs-regexp">/advisories/</span>stored-xss-wp-ulike/
Reference: https:<span class="hljs-regexp">//</span>plugins.trac.wordpress.org<span class="hljs-regexp">/changeset/</span><span class="hljs-number">1863114</span>/wp-ulike
Reference: http:<span class="hljs-regexp">//</span>seclists.org<span class="hljs-regexp">/fulldisclosure/</span><span class="hljs-number">2018</span><span class="hljs-regexp">/May/</span><span class="hljs-number">33</span>
[i] Fixed <span class="hljs-keyword">in</span>: <span class="hljs-number">3.2</span></code></pre><p>So… Dongguoguo (冻果果) still dares to claim that its technical skills are great? It does not even know the most basic thing, that WordPress has to be kept up to date at all times. If a high-severity vulnerability comes along, won't they be dumbfounded?</p><p>WPScan also thoughtfully lists the related links under each vulnerability, and even the reproduction methods.</p><h2 id="结语"><a class="markdownIt-Anchor" href="#结语"></a> Conclusion</h2><p>Besides introducing WPScan, a powerful tool, I am also publishing this post to tell the Dongguoguo team: never show off just because you know a little tech, and please always keep a humble heart and accept reasonable feedback from others. If you keep being this arrogant, sooner or later it will be gg.</p><p>Oops~ I have said too much. Thank you all for reading~ Please also pay attention to the security of your own sites and put the necessary protections in place~</p><p>Note: this article only assesses the security of the Dongguoguo forum; the detected vulnerabilities were not used to attack Dongguoguo or to perform any similar operations.</p></body></html></div><div class="license"><div class="license-title">Scanning WordPress Blog Security with WPScan</div><div class="license-link"><a href="https://blog.hans362.cn/post/scan-wordpress-vulnerability-with-wpscan/">https://blog.hans362.cn/post/scan-wordpress-vulnerability-with-wpscan/</a></div><div class="license-meta"><div class="license-meta-item"><div class="license-meta-title">Author</div><div class="license-meta-text">Hans362</div></div><div class="license-meta-item"><div class="license-meta-title">Last updated</div><div class="license-meta-text">2018-07-16</div></div><div class="license-meta-item"><div class="license-meta-title">License</div><div class="license-meta-text"><a href="https://creativecommons.org/licenses/by-nc-sa/4.0/deed.zh" rel="nofollow noopener noreferrer" target="_blank">CC BY-NC-SA 4.0</a></div></div></div><div>When reposting or quoting this article, please comply with the license, credit the source, and do not use it for commercial purposes!</div></div><div class="post-footer__cats"><a href="/categories/%E6%8A%80%E6%9C%AF%E5%90%91/" class="post-cats__link button">Tech</a><a href="/tags/Web/" class="post-tags__link button"># Web</a><a href="/tags/%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8/" class="post-tags__link button"># Network Security</a><a href="/tags/WordPress/" class="post-tags__link button"># WordPress</a><a href="/tags/WPScan/" class="post-tags__link button"># WPScan</a></div></article></div></main></div></body></html>