URL: https://roadshow.miic.gov.jm/ [196.3.191.239] Started: Mon Mar 3 11:11:40 2025 Interesting Finding(s): Headers | Interesting Entries: | - Server: nginx | - X-Powered-By: PHP/8.3.16, PleskLin | - Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.youtube.com https://www.youtube-nocookie.com https://www.google.com https://www.gstatic.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; img-src 'self' data: https://www.youtube.com https://www.google.com https://www.gstatic.com https://googlesyndication.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com https://cdn.jsdelivr.net https://cdnjs.cloudflare.com; connect-src 'self' https://roadshow.miic.gov.jm https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://www.youtube.com https://www.googleapis.com https://jnn-pa.googleapis.com https://www.googletagmanager.com; frame-src 'self' https://www.youtube.com https://www.youtube-nocookie.com; worker-src 'self' blob:; object-src 'none'; base-uri 'self'; upgrade-insecure-requests; | - Referrer-Policy: no-referrer-when-downgrade | - Permissions-Policy: geolocation=(), microphone=() | Found By: Headers (Passive Detection) | Confidence: 100% robots.txt found: https://roadshow.miic.gov.jm/robots.txt | Interesting Entries: | - /wp-admin/ | - /wp-admin/admin-ajax.php | Found By: Robots Txt (Aggressive Detection) | Confidence: 100% The external WP-Cron seems to be enabled: https://roadshow.miic.gov.jm/wp-cron.php | Found By: Direct Access (Aggressive Detection) | Confidence: 60% | References: | - https://www.iplocation.net/defend-wordpress-from-ddos | - https://github.com/wpscanteam/wpscan/issues/1299 WordPress version 6.7.2 identified (Latest, released on 2025-02-11). | Found By: Emoji Settings (Passive Detection) | - https://roadshow.miic.gov.jm/, Match: 'wp-includes\/js\/wp-emoji-release.min.js?ver=6.7.2' | Confirmed By: Meta Generator (Passive Detection) | - https://roadshow.miic.gov.jm/, Match: 'WordPress 6.7.2' WordPress theme in use: miic | Location: https://roadshow.miic.gov.jm/wp-content/themes/miic/ | Style URL: https://roadshow.miic.gov.jm/wp-content/themes/miic/style.css | Style Name: MIIC | Author: MIIC ICT | | Found By: Urls In Homepage (Passive Detection) | | The version could not be determined. Enumerating Users (via Passive and Aggressive Methods) Brute Forcing Author IDs -: |=================================================| User(s) Identified: nicola.wint | Found By: Rss Generator (Aggressive Detection) | Confirmed By: Login Error Messages (Aggressive Detection) donovan.saunches | Found By: Rss Generator (Aggressive Detection) No WPScan API Token given, as a result vulnerability data has not been output. You can get a free API token with 25 daily requests by registering at https://wpscan.com/register Finished: Mon Mar 3 11:11:53 2025 Requests Done: 54 Cached Requests: 5 Data Sent: 17.909 KB Data Received: 317.735 KB Memory used: 188.797 MB Elapsed time: 00:00:12