How to scan WordPress Websites With WPScan For Security Vulnerabilities

Posted on Temitope Odemo By Temitope Odemo No Comments on How to scan WordPress Websites With WPScan For Security Vulnerabilities
WPScan-Banner

WordPress is a free Content Management System that you can easily use to quickly develop world-class websites. Over 60% of websites online were built with WordPress. In this article, you will learn how to scan WordPress Websites With WPScan For Security Vulnerabilities. Please see these interesting guides: WordPress site on Azure: How to create a website hosted in Azure, “Deploy WordPress on Azure App Service: How to install MySQL“, and how to Disable Touchpad on Windows 11.

However, current reports suggest that WordPress websites contain themes and plugins with security vulnerabilities. So, there is a need to discover where the vulnerability is and to quickly remediate it. Here is a YouTube Video showing these steps.

WPScan is a free tool that can scan your WordPress website and easily help to identify all the security issues on the site. Follow the steps below to scan WordPress Websites With WPScan For Security Vulnerabilities.

If you want to read more on WordPress check these: How To Fix WordPress error “The Link You Followed Has Expired”, How to Install and Configure WordPress on Your Windows Computer Using WAMP SERVER,

1. Using WPScan scan WordPress Websites on Kali OS

Launch your Kali system, search, and open wpscan, but in case you cannot find it use the following command to install wpscan on kali.

apt install wpscan -y
WPScan-on-Kali

Paste this command wpscan --url https://yourwordpresssite.com

WPScan-Process

The scan will display your confidence level and inform you of the area that is vulnerable and will need urgent attention.

Please see how to Install and Setup WordPress into a cPanel and Configure Your First WordPress Theme, how to Integrate a WordPress site with WP Telegram, how to fix WordPress error: There has been a critical error on this website, please check your site admin email inbox for instructions.

2. Using WPScan on Docker

Firstly, install docker and the package, launch Docker, and insert the following command that will Pull the WPScan docker image.

docker pull wpscanteam/wpscan
Pulling-WPScan-Docker-Image

Once the image is pulled successfully you will see it on the local image section of the Docker Desktop.

WPScan-Image-Pulled-Successfully

3. Running the WPScan docker command

Secondly, Once the image is pulled, run the following command:

docker run -it --rm wpscanteam/wpscan --url https://yourwordpresssite.com
WPScanning-on-Docker

Just like the WPScan on Kali, the WPScan on the Docker will also display confidence level and inform you of the area that is vulnerable and will need urgent attention.

Please see How to perform vulnerability scan on Microsoft SQL Server, How to get lists of installed Microsoft Windows Updates, and how to fix [MAILX ERROR: STATUS=BOUNCED] Fixing Mailx error when sending emails from Command line.

I hope you found this blog post How To Scan WordPress websites With WPScan For Security Vulnerabilities Interesting and helpful. In case you have any questions do not hesitate to ask in the comment section.

5/5 - (1 vote)
Security | Vulnerability Scans and Assessment Tags:, , , ,

Related Posts

More Related Articles

Featured image new How to update the BIOS on your Dell system Security | Vulnerability Scans and Assessment
Featured image Tamper Protection for Microsoft Defender on Windows 10 [Part 1] Security | Vulnerability Scans and Assessment
PetitPotam PetitPotam attack on Active Directory Certificate Services: How to mitigate NTLM Relay PetitPotam attack on AD CS Security | Vulnerability Scans and Assessment
Microsoft Defender Attack Surface Reduction Configuration with Microsoft Defender Scripts
images How to perform vulnerability scan on Microsoft SQL Server Security | Vulnerability Scans and Assessment
Fix Windows Security Blank Screen Issue How to Fix Windows Security Blank Screen Issue Network | Monitoring

Leave a Reply