Skip to content

Instantly share code, notes, and snippets.



Last active Nov 13, 2020
What would you like to do?
Simple WPScan commands
Get your API token from if you also want the vulnerabilities associated with the detected plugin displaying.
For all plugins with known vulnerabilities:
wpscan --url -e vp --plugins-detection mixed --api-token YOUR_TOKEN
For all plugins in our database (could take a very long time):
wpscan --url -e ap --plugins-detection mixed --api-token YOUR_TOKEN
To bypass some simple WAFs use the "--random-user-agent" option.

This comment has been minimized.

Copy link

@zinminphyo0 zinminphyo0 commented Nov 13, 2020

That's not work for me


This comment has been minimized.

Copy link
Owner Author

@ethicalhack3r ethicalhack3r commented Nov 13, 2020

Try again, we had some issues with the API this morning.

And update your version of WPScan.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment