With more than 24% of websites on the Internet running WordPress, and a 60% share of the Content Management System (CMS) market; WordPress security is becoming an increasingly important factor in an organization’s security posture.While WordPress’ core is designed with security in mind, the same cannot be said for the thousands of plugins which extend the WordPress ecosystem. Unfortunately, thousands of WordPress plugins contain high-severity vulnerabilities. Unless vulnerable plugins are updated or disabled, they could allow attackers to easily compromise the integrity and availability of the site, gain access to the WordPress administrative interface and the database, as well as deface the site and trick users into phishing attacks, or use the site to distribute malware.
Scan for Over 1200 Vulnerable WordPress Plugins & Other WordPress-specific Misconfigurations
Scan for Vulnerable WordPress Plugins
Acunetix identifies WordPress installations, and will launch security tests for over 1200 popular WordPress plugins, as well as several other vulnerability tests for WordPress core vulnerabilities. In addition, Acunetix will also conduct other WordPress-specific configuration tests such as weak WordPress admin passwords, WordPress username enumeration,
wp-config.php backup files, malware disguised as plugins and old versions of plugins.
The WordPress plugins detected, are listed in the WordPress plugins Knowledge Base including a description, version number detected and latest version of plugin to update to. Similar checks are also performed on other Content Management Systems such as Joomla! and Drupal.
WordPress Configuration File Disclosure
Although most of the common configuration settings are available through the WordPress admin interface, the WordPress administrator might need to alter certain settings from
wp-config.php directly. This is often done by first creating a backup of the known working configuration, before proceeding with manually altering the file in a text editor. However, the backed up file becomes available to whoever is able to guess the name of the backup file.
Username Enumeration and Weak Password Guessing
Acunetix runs tests for username enumeration of WordPress accounts. Enumerating usernames gives attackers a head-start when attacking your WordPress installation, since an attacker would have the necessary information to launch a password dictionary attack against the enumerated usernames.
Based on the users identified during the scan, Acunetix will also attempt to detect if the enumerated users are using weak passwords based on a password list, as well as other combinations, including the use of leetspeak.
Not just WordPress
In addition to detection of vulnerable versions of WordPress core, plugins and misconfigurations, Acunetix can also detect vulnerabilities in Joomla! and Drupal installations. Following WordPress, Joomla! and Drupal are among the most widely deployed Content Management Systems (CMSs) and have their own share of vulnerabilities and misconfigurations.
We use Acunetix for initial site enumeration and to ensure that we cover all common surface area and attacks with at least a minimum level of testing. Most of our testing is completed manually and we find logic issues, and so on, but occasionally we focus on difficult to find issues instead of simple issues, like a file upload flaw hidden in the corner of a site that Acunetix brings to our attention.