Thursday, December 8, 2016

Identifying specific vulnerabilities in WordPress, by version

Exactly how vulnerable is your WordPress version? Ask the good folks over at the WordPress vulnerability database, who have not only assembled a vulnerability list by version but also provided a nice API for querying it.

# WordPress 4.4.2 vulnerabilities, by type
$ curl -sS https://wpvulndb.com/api/v2/wordpresses/442 |\
  jq -r '.["4.4.2"]|.["vulnerabilities"]|.[].vuln_type' |\
  sort | uniq -c
      1 BYPASS
      1 CSRF
      1 LFI
      1 SSRF
      1 UNKNOWN
      5 XSS

Same thing, but list the titles and take a version as a parameter:

# Usage: wpvulndb VERSION   (bash; the API path is the version with the dots removed)
wpvulndb() {
    local version=${1:?Check which WordPress version for vulnerabilities (eg 4.8.3)?}
    curl -sS "https://wpvulndb.com/api/v2/wordpresses/${version//./}" | \
      jq -r --arg version "$version" '.[$version]|.["vulnerabilities"]|.[].title'
}

wpvulndb 4.8.3
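
An added example, not from the original post: a POSIX shell variant that validates the version string before it goes into the URL, reports a missing version entry explicitly, and prints type, fix version and title for each entry. It runs offline against a constructed sample response; the `fixed_in` field and the names `wpvuln_url` and `wpvuln_report` are assumptions, not taken from the post.

```shell
# Constructed sample in the shape of a /api/v2/wordpresses/<version> response.
# Titles and values are made up for illustration, not real database entries.
# The fixed_in field is an assumption about the response format.
SAMPLE_RESPONSE='{"4.4.2":{"vulnerabilities":[
  {"title":"Constructed example: reflected XSS","vuln_type":"XSS","fixed_in":"4.5"},
  {"title":"Constructed example: request forgery","vuln_type":"CSRF","fixed_in":"4.4.3"},
  {"title":"Constructed example: unpatched issue","vuln_type":"UNKNOWN","fixed_in":null}
]}}'

# wpvuln_url VERSION
# Builds the endpoint URL used in the post (version with the dots removed).
# Anything other than digits and dots is rejected, so the argument cannot
# change the request path.
wpvuln_url() {
    case ${1:-} in
        ''|*[!0-9.]*) echo "invalid version: ${1:-}" >&2; return 1 ;;
    esac
    printf 'https://wpvulndb.com/api/v2/wordpresses/%s\n' \
        "$(printf '%s' "$1" | tr -d .)"
}

# wpvuln_report VERSION < response.json
# Prints "type<TAB>fixed_in<TAB>title" per vulnerability, sorted by type.
# Returns 1 when the input is not JSON or has no entry for VERSION.
wpvuln_report() {
    version=${1:?usage: wpvuln_report VERSION < response.json}
    response=$(cat)
    if ! printf '%s' "$response" |
         jq -e --arg v "$version" 'type == "object" and has($v)' >/dev/null 2>&1
    then
        echo "no usable entry for WordPress $version in response" >&2
        return 1
    fi
    printf '%s' "$response" | jq -r --arg v "$version" '
        (.[$v].vulnerabilities // [])
        | sort_by(.vuln_type, .title)
        | .[]
        | [.vuln_type, (.fixed_in // "unfixed"), .title]
        | @tsv'
}
```

Against the live API this would be run as `curl -sS "$(wpvuln_url 4.8.3)" | wpvuln_report 4.8.3`; piping the result through `cut -f1 | uniq -c` gives the per-type counts shown earlier.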
