WPProbe Plugin Enumeration Tool 0.11.8

A fast WordPress plugin and theme scanner that detects installed plugins via REST API enumeration and themes from HTML discovery, then maps them to known vulnerabilities. Over 5,000 plugins detectable without brute-force, thousands more with it...

New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare

Wordfence exposes a sophisticated WordPress malware campaign using a rogue WordPress Core plugin. Active since 2023, it steals credit cards and credentials with advanced anti-detection...

Vulnerable version of xmlsec used - CVE-2021-40690

Affected versions of Atlassian Jira Server and Data Center used versions of xmlsec that were vulnerable to CVE-2021-40690. Affected versions: version 8.22.2 Workaround: version 8.22.2 LTS versions 8.13 and versions up to 8.20.14 should also apply this workaround. This is permanently fixed in...

dnf security and bug fix update

dnf 4.7.0-4.0.1 -Fixed python stack trace with updateinfo list cves command Orabug: 32749660 - Replaced upstream bugzilla reporting reference. Orabug: 32829849 4.7.0-4 - Update translations RhBug:1961632 4.7.0-3 - Improve signature checking using rpmkeys RhBug:1967454 4.7.0-2 - Fix covscan issue:...

WPHunter - Wordpress Vulnerability Scanner

You can use this tool on your wordpress website to check the security of your website by finding the vulnerability in your website. Over 75 million websites run on WordPress. which is now powers 26% of the Web. Remarkably enough thousands of WP sites are vulnerable to attacks and get hacked each...

WordPress Plugin Detection

Binary data wordpressplugindetect.nbin...

Tracking software versions using Nessus and Splunk

Let's say you have already exported scan results from Nessus or Tenable SecurityCenter to Splunk using HTTP event connector, or in some other way. And you see that some critical software vulnerability was published. For example, this month Jira critical vulnerability. How to find out, do we have...

CVE-2016-2832

Mozilla Firefox before 47.0 allows remote attackers to discover the list of disabled plugins via a fingerprinting attack involving Cascading Style Sheets CSS pseudo-classes...

[wig] WebApp Information Gatherer (Identify CMS)

wig is a Python tool that identifies a websites CMS by searching for fingerprints of static files and extracting version numbers from known files. OS identification is done by using the value of the ‘server’ and ‘X-Powered-By’ in the response header. These values are compared to a database of whi...

Mozilla Firefox Plugin Detection

Binary data 4745.prm...