1. WPScan Online
Membership level: Free member
Enumerate Wordpress Users (wpscan --url https://teplo-pena.ru/ --enumerate u --random-user-agent --force --max-scan-duration 60)
URL: https://teplo-pena.ru/ [194.87.214.243]
Started: Fri Feb 20 01:55:51 2026

Interesting Finding(s):

Headers
 | Interesting Entry: Server: GSE
 | Found By: Headers (Passive Detection)
 | Confidence: 100%

robots.txt found: https://teplo-pena.ru/robots.txt
 | Found By: Robots Txt (Aggressive Detection)
 | Confidence: 100%

WordPress readme found: https://teplo-pena.ru/readme.html
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%

This site has 'Must Use Plugins': https://teplo-pena.ru/wp-content/mu-plugins/
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 80%
 | Reference: http://codex.wordpress.org/Must_Use_Plugins

The external WP-Cron seems to be enabled: https://teplo-pena.ru/wp-cron.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 60%
 | References:
 |  - https://www.iplocation.net/defend-wordpress-from-ddos
 |  - https://github.com/wpscanteam/wpscan/issues/1299

 No WPScan API Token given, as a result vulnerability data has not been output.
 You can get a free API token with 25 daily requests by registering at https://wpscan.com/register

Finished: Fri Feb 20 01:56:42 2026
Requests Done: 41
Cached Requests: 5
Data Sent: 11.544 KB
Data Received: 332.361 KB
Memory used: 129.305 MB
Elapsed time: 00:00:50

Scan Aborted: JSON parsing error in /root/.wpscan/db/metadata.json Max Scan Duration Reached
Trace: /usr/local/share/gems/gems/wpscan-3.8.27/lib/wpscan/helper.rb:6:in `rescue in read_json_file'
/usr/local/share/gems/gems/wpscan-3.8.27/lib/wpscan/helper.rb:3:in `read_json_file'
/usr/local/share/gems/gems/wpscan-3.8.27/lib/wpscan/db/wp_item.rb:16:in `metadata'
/usr/local/share/gems/gems/wpscan-3.8.27/lib/wpscan/db/wp_version.rb:9:in `metadata'
/usr/local/share/gems/gems/wpscan-3.8.27/app/models/wp_version.rb:28:in `all'
/usr/local/share/gems/gems/wpscan-3.8.27/app/models/wp_version.rb:19:in `valid?'
/usr/local/share/gems/gems/wpscan-3.8.27/lib/wpscan/finders/dynamic_finder/wp_version.rb:9:in `create_version'
/usr/local/share/gems/gems/wpscan-3.8.27/lib/wpscan/finders/dynamic_finder/version/query_parameter.rb:23:in `block in find'
/usr/local/share/gems/gems/wpscan-3.8.27/lib/wpscan/finders/dynamic_finder/version/query_parameter.rb:22:in `each'
/usr/local/share/gems/gems/wpscan-3.8.27/lib/wpscan/finders/dynamic_finder/version/query_parameter.rb:22:in `find'
/usr/local/share/gems/gems/wpscan-3.8.27/lib/wpscan/finders/dynamic_finder/finder.rb:71:in `aggressive'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/finders/base_finders.rb:31:in `run_finder'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/finders/unique_finders.rb:22:in `block (2 levels) in run'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/finders/unique_finders.rb:21:in `each'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/finders/unique_finders.rb:21:in `block in run'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/finders/unique_finders.rb:20:in `each'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/finders/unique_finders.rb:20:in `run'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/finders/independent_finder.rb:21:in `find'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/finders/independent_finder.rb:12:in `find'
/usr/local/share/gems/gems/wpscan-3.8.27/lib/wpscan/target.rb:42:in `wp_version'
/usr/local/share/gems/gems/wpscan-3.8.27/app/controllers/wp_version.rb:26:in `run'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/controllers.rb:50:in `each'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/controllers.rb:50:in `block in run'
/usr/local/share/gems/gems/timeout-0.4.0/lib/timeout.rb:186:in `block in timeout'
/usr/local/share/gems/gems/timeout-0.4.0/lib/timeout.rb:193:in `timeout'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/controllers.rb:45:in `run'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/scan.rb:24:in `run'
/tools/wpscan/bin/wpscan:17:in `block in <main>'
/usr/local/share/gems/gems/cms_scanner-0.14.3/lib/cms_scanner/scan.rb:15:in `initialize'
/tools/wpscan/bin/wpscan:6:in `new'
/tools/wpscan/bin/wpscan:6:in `<main>'
Color Scheme
Target
teplo-pena.ru
Scan method
Enumerate Wordpress Users
Run command
wpscan --url https://teplo-pena.ru/ --enumerate u --random-user-agent --force --max-scan-duration 60
Scan time
50s
Quick report
Order full scan ($19/one time)
Scan date
20 Feb 2026 04:56
Copy scan report
Download report
Remove scan result
$
Some firewalls blocks vulnerability scanners. For get true positive results add wpscan.online IP addresses (208.76.253.232-208.76.253.239 or CIDR 208.76.253.232/29 ) to the whitelist
[scan_method]
Visibility:
Scan method:
Max Scan duration: