"www.aids.org.hk" Wordpress Users - Online Wordpress Security Scanner

Enumerate Wordpress Users (wpscan --url https://www.aids.org.hk/ --enumerate u --random-user-agent --force --max-scan-duration 60)

URL: https://www.aids.org.hk/ [104.22.44.250]
Started: Thu Dec  5 22:55:35 2024

Interesting Finding(s):

Headers
 | Interesting Entries:
 |  - Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
 |  - Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
 |  - Cross-Origin-Embedder-Policy: require-corp
 |  - Cross-Origin-Opener-Policy: same-origin
 |  - Cross-Origin-Resource-Policy: same-origin
 |  - Origin-Agent-Cluster: ?1
 |  - Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
 |  - Referrer-Policy: same-origin
 |  - X-Content-Options: nosniff
 |  - cf-mitigated: challenge
 |  - cf-chl-out: 8A/vPnccp+0XBBVxj5ffIHtLWlQSIsMLXQ4WE22hsYeklDlOkXlADiG8z65c/eQREnhnNqD2pcdF/+A6Z2/kedm9ZyIbSISp/f67qJ9hOnG9CMaBMlD0R00eWO25LMdIBDnQXn+j8JZzBotC8mXFdg==$+QJIzRNrqD5Zq4jyOvDmBg==
 |  - Server: cloudflare
 |  - CF-RAY: 8ed9574ccd8242ab-EWR
 |  - alt-svc: h3=":443"; ma=86400
 | Found By: Headers (Passive Detection)
 | Confidence: 100%


Fingerprinting the version -: |================================================|
 The WordPress version could not be detected.

 The main theme could not be detected.

Enumerating Users (via Passive and Aggressive Methods)

 Brute Forcing Author IDs -: |=================================================|

 No Users Found.

 No WPScan API Token given, as a result vulnerability data has not been output.
 You can get a free API token with 25 daily requests by registering at https://wpscan.com/register

Finished: Thu Dec  5 22:56:25 2024
Requests Done: 761
Cached Requests: 8
Data Sent: 337.935 KB
Data Received: 1.498 MB
Memory used: 102.836 MB
Elapsed time: 00:00:50

Color Scheme

Target

www.aids.org.hk

Scan method

Enumerate Wordpress Users

Run command

wpscan --url https://www.aids.org.hk/ --enumerate u --random-user-agent --force --max-scan-duration 60

Scan time

50s

Quick report

Order full scan ($19/one time)

Scan date

05 Dec 2024 22:56

Copy scan report

Download report

Remove scan result

Total scans

About 3 times

Some firewalls blocks vulnerability scanners. For get true positive results add wpscan.online IP addresses (208.76.253.232-208.76.253.239 or CIDR 208.76.253.232/29 ) to the whitelist