Using WPScan To Find WordPress Vulnerabilities

wpscan is a free tool for scanning WordPress; let’s face it, there are many vulnerabilities in WordPress! This segment will walk you through installing, configuring, and using wpscan.

You can find the technical segment write-up here.

Summary

Learn how to use WPScan to scan WordPress sites stealthily for vulnerabilities and configure it to run continuously.

Highlights

  • WPScan is a free tool for scanning WordPress sites for vulnerabilities and can be easily installed via Ruby.
  • Stealthy scanning can be achieved using WPScan’s options to modify the scan profile and avoid being blocked.
  • WPScan requires an API key for vulnerability enumeration; the key can be obtained for free, but it is limited to up to 30 API calls daily.
  • Creating a YAML configuration file lets you set specific options, such as the user agent and passive-mode scanning. The same file can then be used to run WPScan continuously via cron jobs or scripts.
  • Updating the internal database is essential and can be done with the “--update” flag after running WPScan.
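
As an added illustration of the YAML and cron highlights above (not taken from the segment or from the WPScan project), here is a configuration for a scheduled scan of a site you administer. WPScan reads options under cli_options from ~/.wpscan/scan.yml; the key names other than api_token are assumed to mirror the long CLI flags, and the hostname, agent string, output path and schedule are placeholders.

```yaml
# ~/.wpscan/scan.yml  (constructed example; every value is a placeholder)
# Keys under cli_options are assumed to follow the documented api_token
# pattern: the long CLI flag with dashes replaced by underscores.
cli_options:
  api_token: 'YOUR_API_TOKEN'          # free key: up to 30 API calls daily
  detection_mode: 'passive'            # same as --detection-mode passive
  user_agent: 'example-wp-audit/1.0'   # fixed, identifiable agent so the scan
                                       # is easy to find in your own logs
  format: 'json'                       # machine-readable report
  output: '/var/log/wpscan/blog.example.com.json'

# Crontab entry (assumed schedule, one run per day). --update refreshes the
# internal database before the scan; the remaining options come from the
# file above.
#
#   15 3 * * *  wpscan --update --url https://blog.example.com
```

Because the agent string is fixed, the site's own access logs and firewall rules can recognise the scheduled scan by name.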