"www.aids.org.hk" Wordpress Users - Online Wordpress Security Scanner

Enumerate Wordpress Users (wpscan --url https://www.aids.org.hk/ --enumerate u --random-user-agent --force --max-scan-duration 60)

URL: https://www.aids.org.hk/ [104.22.44.250]
Started: Thu Dec  5 22:54:27 2024

Interesting Finding(s):

Headers
 | Interesting Entries:
 |  - Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
 |  - Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
 |  - Cross-Origin-Embedder-Policy: require-corp
 |  - Cross-Origin-Opener-Policy: same-origin
 |  - Cross-Origin-Resource-Policy: same-origin
 |  - Origin-Agent-Cluster: ?1
 |  - Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
 |  - Referrer-Policy: same-origin
 |  - X-Content-Options: nosniff
 |  - cf-mitigated: challenge
 |  - cf-chl-out: hgs5/89BktA12ZbeF3RMQQmVB7fJ7yYDSgPRTguFfaI/fyEgN6X+RsDu1YPcWgEpPl0nuj0MshkJd65SxeK5VbIz0K6IZ7eNsS7eP0fEreoyz4O2WEq1r9jY3FaHmePsddNlHyQ9OR6AtOHYmcloMw==$7rFYexgjC4rG3kpApz1qQw==
 |  - Server: cloudflare
 |  - CF-RAY: 8ed955a519054265-EWR
 |  - alt-svc: h3=":443"; ma=86400
 | Found By: Headers (Passive Detection)
 | Confidence: 100%


Fingerprinting the version -: |================================================|
 The WordPress version could not be detected.

 The main theme could not be detected.

Enumerating Users (via Passive and Aggressive Methods)

 Brute Forcing Author IDs -: |=================================================|

 No Users Found.

 No WPScan API Token given, as a result vulnerability data has not been output.
 You can get a free API token with 25 daily requests by registering at https://wpscan.com/register

Finished: Thu Dec  5 22:55:17 2024
Requests Done: 761
Cached Requests: 8
Data Sent: 314.733 KB
Data Received: 1.493 MB
Memory used: 102.961 MB
Elapsed time: 00:00:50

Color Scheme

Target

www.aids.org.hk

Scan method

Enumerate Wordpress Users

Run command

wpscan --url https://www.aids.org.hk/ --enumerate u --random-user-agent --force --max-scan-duration 60

Scan time

50s

Quick report

Order full scan ($19/one time)

Scan date

05 Dec 2024 22:55

Copy scan report

Download report

Remove scan result

Total scans

About 3 times

Some firewalls blocks vulnerability scanners. For get true positive results add wpscan.online IP addresses (208.76.253.232-208.76.253.239 or CIDR 208.76.253.232/29 ) to the whitelist