Attacking Common Applications - WordPress - Discovery & Enumeration
Hello guys, please, someone can give me a hint ??? on this question “Perform manual enumeration to discover another installed plugin. Submit the plugin name as the answer (3 words).”
When I perform manual or automatic enumeration I found on 4 plugins available
akismet
contact-form-7
mailchimp-for-wp
wp-sitemap-page
But nothing of this works, I’m very confuse
Look at the source code of the websites. Maybe you will discover another plugin
I already done that but I didn’t see anything 
I had found the answer from the beginning but I did not know the exact format of the answer
So for this same section, how would I go about finding the version number of said plugin? I found the name poking around the website/code but I can’t figure out how to determine the version number? Thanks!
each plugin has a readme.txt page. I found there…
Search after “Changelog” in the readme.txt, you will see a couple of version try it
I got it, thanks! I don’t know why I couldn’t find the plugin readme the first couple times…
Hi bro,
I found the same problem. can you give me hint?
I found
akismet
contact-form-7
mail-masta
mailchimp-for-wp
wp-sitemap-page
wpdiscuz
but all of them incorrect answer
I am running into the same issue, none of them work and WP Scan only finds contact form and mail masta
Solved: Look through some of the actual content of the WP site i.e. posts, comments, etc
Hi bro, the answer is composed of 3 words tried the words without "-"
/plug-name/readme.txt is hidden
Can you help me to find the plugin?
I went the the source page in the post, comments but found nothing!
Stuck here for long
tu fais un grep plugins et il est la sans la version exact ! Je suis en train de chercher la version justement
Je l’ai trouvé !
Visitez simplement
…/wp-content/plugins/found_plugin_name/readme.txt
plugin:Contact Form 7
version:5.4.2
Why is the answer not being accepted?
I don’t know if the format is wrong or if the answer itself is incorrect.
Nvm, Solved.
Where did you finally locate it. I have been looking all over for 2 days. I have the same thing you did. What am i doing wrong? There is nothing in the section either to assist with locating it.
Disregard
I created a bin bash script that pulled what I needed. I hope this helps the next person
#!/bin/bash
TARGET_URL=“http://blog.inlanefreight.local”
API_TOKEN=“MY TOKEN”
OUTPUT_FILE=“wpscan_results.txt”
wpscan --url “$TARGET_URL”
–api-token “$API_TOKEN”
–enumerate ap
–format cli
–output “$OUTPUT_FILE”
–random-user-agent
–plugins-detection mixed
echo “Scan complete. Results saved to $OUTPUT_FILE.”