Scan vulnerabilites of WordPress

Scan WordPress (core, plugin, theme)

For non-commercial use, you can use this WordPress integration for free. But for commercial use, You have to send a E-Mail to the WPVulnDB team. For Details, see the NOTE:

If you are under any doubt if your software is classed as non-commercial and/or would like to inquire about commercial usage of our databases get in touch.

First, you need to register a user and get the API token from your profile page on wpvulndb.com. And then, check whether the wp command is insatalled on the scan target server. A sample configuration is below.

config.toml

  [servers.kusanagi]
    user = "root"
    host = "10.10.10.10"
    port = "22"

  [servers.kusanagi.wordpress]
    cmdPath = "/usr/local/bin/wp"
    osUser = "wordpress"
    docRoot = "/home/kusanagi/wp/DocumentRoot/"
    wpVulnDBToken = "xxxxTokenxxxx"
    ignoreInactive = false

cmdPath : A path of wp on the wordpress server
osUser : A OS user of wp on the wordpress server
docRoot : A path of document root onthe wordpress server
wpVulnDBToken : A token of WPVULNDB API
ignoreInactive : Ignore plugins or themes which are inactive state

Scan

To scan WordPress, execute as below.

$ vuls scan kusanagi

Vuls collects WordPrss Core version, plugins and themes via wp-cli.

Reporting

$ vuls report

Vuls detects vulnerabilities via accessing WPVulnDB.com via HTTP.

Slack

Full-Text

Tips

If you have some virtual WordPres sites in a server.
If you want a report of only WordPress without OS packages.

Let's use ignorePkgsRegexp = [".*"]. This is not ECO, but works fine :-)

- The point of config.toml

# for server administrator
[servers.wordpress]
host = "wordpress"

# for WordPress site FOO
[servers.foo]
host = "wordpress"
ignorePkgsRegexp = [".*"]
[servers.foo.wordpress]
docRoot = "/home/foo/wordpress/"

# for WordPress site BAR
[servers.bar]
host = "wordpress"
ignorePkgsRegexp = [".*"]
[servers.bar.wordpress]
docRoot = "/home/bar/wordpress/"