There are a lot of open source WordPress security scanners out there right now, and WPSeku is one more of them. Since its release about a month ago, it has gained a few static cross-site scripting, local file inclusion and SQL injection strings which it tries to leverage while scanning a website.

What is WPSeku?
WPSeku is an open source WordPress security scanner written in Python that can be used to find security vulnerabilities in remote installations. It also helps you enumerate the themes and plugins installed on the blog, along with its WordPress users.
This simple security scanner does not have a lot of dependencies. It needs cookielib, requests, json and urllib, in addition to getopt and urlparse, among a few others.
To enumerate WordPress users, it requests data from open endpoints and APIs such as /wp-json/wp/v2/users, /?author= and /?feed=rss2. To enumerate WordPress versions, it looks at the `<meta name="generator">` tag and files such as readme.html. It also tells you about the HTTP headers the WordPress blog returns, such as X-Powered-By, CF-RAY and Server.
All the vulnerability strings are located in the /db/ directory, in files with guessable names such as wp_lfi.txt, wp_sql.txt and wp_xss.txt. Depending on the error code and text that the blog returns, it matches against a fixed list to detect the vulnerability classes listed below:
- MySQL Injection
- Access-Based SQL Injection
- MSSQL-Based Injection
- JAVA-Based SQL Injection
- PostgreSQL Injection
- XPath Injection
- LDAP Injection
- DB2 Injection
- Interbase Injection
- Sybase Injection
- Oracle Injection
If it finds any of the pre-set strings, it launches the related entries from /db/ to confirm the vulnerability. You can also launch dictionary attacks against users through the XML-RPC interface using a dictionary file. If you want to look at more web application security projects listed on the PenTestIT blog, visit this link.
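Because the user and version enumeration above relies on a handful of well-known endpoints, a WPSeku-style scan is easy to spot in a web server access log. The following is an added example, not part of WPSeku or the original post, that flags client IPs hitting several of those enumeration paths; the log lines are constructed samples in Apache combined format and the threshold of three distinct paths is an assumed tuning value (a single RSS fetch is normal traffic).

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jun/2017:12:00:01 +0000] "GET /readme.html HTTP/1.1" 200 7413 "-" "python-requests/2.14.2"
203.0.113.5 - - [10/Jun/2017:12:00:02 +0000] "GET /wp-json/wp/v2/users HTTP/1.1" 200 911 "-" "python-requests/2.14.2"
203.0.113.5 - - [10/Jun/2017:12:00:03 +0000] "GET /?author=1 HTTP/1.1" 301 0 "-" "python-requests/2.14.2"
203.0.113.5 - - [10/Jun/2017:12:00:03 +0000] "GET /?author=2 HTTP/1.1" 301 0 "-" "python-requests/2.14.2"
203.0.113.5 - - [10/Jun/2017:12:00:04 +0000] "GET /?author=3 HTTP/1.1" 404 0 "-" "python-requests/2.14.2"
203.0.113.5 - - [10/Jun/2017:12:00:05 +0000] "GET /?feed=rss2 HTTP/1.1" 200 5120 "-" "python-requests/2.14.2"
198.51.100.7 - - [10/Jun/2017:12:01:00 +0000] "GET /?feed=rss2 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jun/2017:12:01:30 +0000] "GET /2017/06/hello-world/ HTTP/1.1" 200 8201 "-" "Mozilla/5.0"
"""

# Client IP, request line and status code from a combined-format entry.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Endpoints the post says WPSeku queries for user and version enumeration.
ENUM_PATHS = ("/wp-json/wp/v2/users", "/?feed=rss2", "/readme.html")
AUTHOR_RE = re.compile(r"^/\?author=\d+$")  # /?author=1, /?author=2, ...


def scan_log(text, min_hits=3):
    """Return {ip: sorted list of enumeration paths} for every client that
    requested at least min_hits distinct enumeration paths."""
    hits = defaultdict(set)
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = m.group("path")
        if path in ENUM_PATHS or AUTHOR_RE.match(path):
            hits[m.group("ip")].add(path)
    return {ip: sorted(paths) for ip, paths in hits.items() if len(paths) >= min_hits}


if __name__ == "__main__":
    for ip, paths in scan_log(SAMPLE_LOG).items():
        print(f"{ip}: {len(paths)} enumeration paths -> {', '.join(paths)}")
```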
Installing WPSeku:
WPSeku version 0.1.0 is very easy to install and use. Simply check out the source directory from here and you are done, provided you already have its dependencies installed.