3 :80 wpscan

$ wpscan --url http://monitors.htb

[+] XML-RPC seems to be enabled: http://monitors.htb/xmlrpc.ph

[+] Upload directory has listing enabled: http://monitors.htb/wp-content/uploads/

[+] WordPress version 5.5.1 identified (Insecure, released on 2020-09-01).

[+] WordPress theme in use: iconic-one
 | Location: http://monitors.htb/wp-content/themes/iconic-one/
 | [!] The version is out of date, the latest version is 2.2
 | Version: 2.1.7 (80% confidence)

[i] Plugin(s) Identified:
[+] wp-with-spritz
 | Location: http://monitors.htb/wp-content/plugins/wp-with-spritz/
 | Latest Version: 1.0 (up to date)

[i] User(s) Identified:
[+] admin
 | Found By: Author Posts - Author Pattern (Passive Detection)
 
 
# found exploit for plugin
| https://www.exploit-db.com/exploits/44544

Last updated