Kuninganizer

1. [i] It seems like you have not updated the database for some time.
2. [?] Do you want to update now? [Y]es [N]o [A]bort, default: [N]y
3. [i] Updating the Database ...
4. [i] Update completed.
5. [+] URL: http://kuninganizer.com/
6. [+] Started: Tue Apr 25 10:30:04 2017
7.  
8. [+] robots.txt available under: 'http://kuninganizer.com/robots.txt'
9. [+] Interesting entry from robots.txt: http://kuninganizer.com/wp-admin/admin-ajax.php
10. [!] The WordPress 'http://kuninganizer.com/readme.html' file exists exposing a version number
11. [+] Interesting header: AGE: 63
12. [+] Interesting header: SERVER: Rocket Booster
13. [+] Interesting header: X-CACHE: HIT
14. [+] Interesting header: X-CACHE-HITS: 2
15. [+] Interesting header: X-POWERED-BY: Warna Web Accelerator
16. [+] Interesting header: X-VARNISH: 7379904 8230809
17. [+] XML-RPC Interface available under: http://kuninganizer.com/xmlrpc.php
18.  
19. [+] WordPress version 4.7.4 (Released on 2017-04-20) identified from meta generator, links opml
20.  
21. [+] WordPress theme in use: Newspaper - v7.8
22.  
23. [+] Name: Newspaper - v7.8
24.  |  Location: http://kuninganizer.com/wp-content/themes/Newspaper/
25.  |  Readme: http://kuninganizer.com/wp-content/themes/Newspaper/readme.txt
26.  |  Style URL: http://kuninganizer.com/wp-content/themes/Newspaper/style.css
27.  |  Theme Name: Newspaper
28.  |  Theme URI: http://tagdiv.com
29.  |  Description: Premium wordpress template, clean and easy to use.
30.  |  Author: tagDiv
31.  |  Author URI: http://themeforest.net/user/tagDiv/portfolio
32.  
33. [+] Enumerating plugins from passive detection ...
34.  | 3 plugins found:
35.  
36. [+] Name: google-captcha - v1.27
37.  |  Last updated: 2017-04-14T13:02:00.000Z
38.  |  Location: http://kuninganizer.com/wp-content/plugins/google-captcha/
39.  |  Readme: http://kuninganizer.com/wp-content/plugins/google-captcha/readme.txt
40. [!] The version is out of date, the latest version is 1.28
41.  
42. [!] Title: Multiple BestWebSoft Plugins - Authenticated Reflected GET Cross-Site Scripting (XSS)
43.     Reference: https://wpvulndb.com/vulnerabilities/8796
44.     Reference: http://www.defensecode.com/advisories/DC-2017-02-014_50_WordPress_plugins_by_BestWebSoft_Advisory.pdf
45.     Reference: http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2017-April/010860.html
46. [i] Fixed in: 1.28
47.  
48. [+] Name: js_composer
49.  |  Location: http://kuninganizer.com/wp-content/plugins/js_composer/
50.  
51. [!] We could not determine a version so all vulnerabilities are printed out
52.  
53. [!] Title: Visual Composer <= 4.7.3 - Multiple Unspecified Cross-Site Scripting (XSS)
54.     Reference: https://wpvulndb.com/vulnerabilities/8208
55.     Reference: http://codecanyon.net/item/visual-composer-page-builder-for-wordpress/242431
56.     Reference: https://forums.envato.com/t/visual-composer-security-vulnerability-fix/10494/7
57. [i] Fixed in: 4.7.4
58.  
59. [+] Name: wordpress-seo - v4.5
60.  |  Last updated: 2017-04-11T09:39:00.000Z
61.  |  Location: http://kuninganizer.com/wp-content/plugins/wordpress-seo/
62.  |  Readme: http://kuninganizer.com/wp-content/plugins/wordpress-seo/readme.txt
63. [!] The version is out of date, the latest version is 4.6
64.  
65. [+] Finished: Tue Apr 25 10:42:53 2017
66. [+] Requests Done: 104
67. [+] Memory used: 66.355 MB
68. [+] Elapsed time: 00:12:49