Pastebin

Paste #28740: arditi.club WPScan

< previous paste - next paste>

Pasted by anon

Download View as text 

         __          _______   _____
         \ \        / /  __ \ / ____|
          \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
           \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
            \  /\  /  | |     ____) | (__| (_| | | | |
             \/  \/   |_|    |_____/ \___|\__,_|_| |_|

         WordPress Security Scanner by the WPScan Team
                         Version 3.8.25
                               
       @_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

[i] Updating the Database ...
[i] Update completed.

[+] URL: http://arditi.club/ [66.223.49.32]
[+] Started: Wed Apr 16 06:03:13 2025

Interesting Finding(s):

[+] Headers
 | Interesting Entries:
 |  - x-powered-by: PHP/7.4.33
 |  - x-dns-prefetch-control: on
 |  - x-litespeed-cache: hit
 |  - server: LiteSpeed
 | Found By: Headers (Passive Detection)
 | Confidence: 100%

[+] robots.txt found: http://arditi.club/robots.txt
 | Interesting Entries:
 |  - /wp-admin/
 |  - /wp-admin/admin-ajax.php
 | Found By: Robots Txt (Aggressive Detection)
 | Confidence: 100%

[+] This site seems to be a multisite
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%
 | Reference: http://codex.wordpress.org/Glossary#Multisite

[+] ThemeMakers migration file found: http://arditi.club/wp-content/uploads/tmm_db_migrate/tmm_db_migrate.zip
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%
 | Reference: https://packetstormsecurity.com/files/131957/

[+] The external WP-Cron seems to be enabled: http://arditi.club/wp-cron.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 60%
 | References:
 |  - https://www.iplocation.net/defend-wordpress-from-ddos
 |  - https://github.com/wpscanteam/wpscan/issues/1299

Fingerprinting the version - Time: 01:04:20 <===========================================================================================================================================================================================================================================> (702 / 702) 100.00% Time: 01:04:20
[i] The WordPress version could not be detected.

[i] The main theme could not be detected.

[+] Enumerating All Plugins (via Passive Methods)
[+] Checking Plugin Versions (via Passive and Aggressive Methods)

[i] Plugin(s) Identified:

[+] bp-verified-member
 | Location: http://arditi.club/wp-content/plugins/bp-verified-member/
 | Latest Version: 1.2.7
 | Last Updated: 2024-07-02T09:32:00.000Z
 |
 | Found By: Urls In Homepage (Passive Detection)
 |
 | The version could not be determined.

[+] dracula-dark-mode
 | Location: http://arditi.club/wp-content/plugins/dracula-dark-mode/
 | Latest Version: 1.2.7
 | Last Updated: 2025-01-27T13:03:00.000Z
 |
 | Found By: Urls In Homepage (Passive Detection)
 |
 | The version could not be determined.

[+] easy-digital-downloads
 | Location: http://arditi.club/wp-content/plugins/easy-digital-downloads/
 | Latest Version: 3.3.7 (up to date)
 | Last Updated: 2025-03-17T21:44:00.000Z
 |
 | Found By: Meta Tag (Passive Detection)
 |
 | Version: 3.3.7 (60% confidence)
 | Found By: Meta Tag (Passive Detection)
 |  - http://arditi.club/, Match: 'Easy Digital Downloads v3.3.7'

[+] elementor
 | Location: http://arditi.club/wp-content/plugins/elementor/
 | Latest Version: 3.28.3
 | Last Updated: 2025-04-01T10:28:00.000Z
 |
 | Found By: Urls In Homepage (Passive Detection)
 |
 | The version could not be determined.

[+] google-analytics-for-wordpress
 | Location: http://arditi.club/wp-content/plugins/google-analytics-for-wordpress/
 | Latest Version: 9.4.1
 | Last Updated: 2025-03-27T16:04:00.000Z
 |
 | Found By: Urls In Homepage (Passive Detection)
 |
 | The version could not be determined.

[+] google-site-kit
 | Location: http://arditi.club/wp-content/plugins/google-site-kit/
 | Latest Version: 1.149.1 (up to date)
 | Last Updated: 2025-03-25T14:16:00.000Z
 |
 | Found By: Meta Tag (Passive Detection)
 |
 | Version: 1.150.0 (60% confidence)
 | Found By: Meta Tag (Passive Detection)
 |  - http://arditi.club/, Match: 'Site Kit by Google 1.150.0'

[+] litespeed-cache
 | Location: http://arditi.club/wp-content/plugins/litespeed-cache/
 | Latest Version: 7.0.1
 | Last Updated: 2025-04-08T18:59:00.000Z
 |
 | Found By: Urls In Homepage (Passive Detection)
 |
 | The version could not be determined.

[+] ultimate-social-media-icons
 | Location: http://arditi.club/wp-content/plugins/ultimate-social-media-icons/
 | Latest Version: 2.9.5
 | Last Updated: 2025-02-13T16:26:00.000Z
 |
 | Found By: Urls In Homepage (Passive Detection)
 |
 | The version could not be determined.

[+] wordpress-popular-posts
 | Location: http://arditi.club/wp-content/plugins/wordpress-popular-posts/
 | Latest Version: 7.3.1
 | Last Updated: 2025-04-10T14:55:00.000Z
 |
 | Found By: Urls In Homepage (Passive Detection)
 |
 | The version could not be determined.

[+] Enumerating Config Backups (via Passive and Aggressive Methods)
 Checking Config Backups - Time: 00:09:40 <==================================

[i] No Config Backups Found.

[!] No WPScan API Token given, as a result vulnerability data has not been ou
[!] You can get a free API token with 25 daily requests by registering at htt

[+] Finished: Wed Apr 16 07:26:06 2025
[+] Requests Done: 955
[+] Cached Requests: 6
[+] Data Sent: 226.716 KB
[+] Data Received: 23.661 MB
[+] Memory used: 237.527 MB
[+] Elapsed time: 01:22:52

New Paste


Do not write anything in this field if you're a human.

Go to most recent paste.

Backed by:
PG Support
PostgreSQL Professional Services
DebianSupport
Debian Linux Support