------------------------------------------------------------------------------------------------
# WordPress

$ ./cmsmap.py https://targetsite.com

[-] Date & Time: 30/11/2020 01:17:32
[I] Threads: 5
[-] Target: https://targetsite.com (XXX.XX.XXX.XXX)
[I] Server: Apache/2.4.29 (Ubuntu)
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[I] X-Content-Type-Options: Not Enforced
[L] Robots.txt Found: https://targetsite.com/robots.txt
[I] CMS Detection: WordPress
[M] XML-RPC services are enabled
[I] Autocomplete Off Not Found: https://targetsite.com/wp-login.php
[-] Default WordPress Files:
[I] https://targetsite.com/license.txt
[I] https://targetsite.com/readme.html
[I] https://targetsite.com/wp-content/themes/twentynineteen/readme.txt
[I] https://targetsite.com/wp-content/themes/twentytwenty/readme.txt
[I] https://targetsite.com/wp-includes/ID3/license.commercial.txt
[I] https://targetsite.com/wp-includes/ID3/license.txt
[I] https://targetsite.com/wp-includes/ID3/readme.txt
[I] https://targetsite.com/wp-includes/images/crystal/license.txt
[I] https://targetsite.com/wp-includes/js/plupload/license.txt
[I] https://targetsite.com/wp-includes/js/swfupload/license.txt
[I] https://targetsite.com/wp-includes/js/tinymce/license.txt
[-] Searching Wordpress Plugins ...
[I] akismet v4.1.6
[M]  EDB-ID: 37826 "WordPress Core 3.4.2 - Multiple Path Disclosure Vulnerabilities"
[M]  EDB-ID: 37902 "WordPress Plugin Akismet - Multiple Cross-Site Scripting Vulnerabilities"
[I] better-wp-security v7.9.0
[I] contact-form-7 v5.2.2
[M]  EDB-ID: 48062 "WordPress Plugin contact-form-7 5.1.6 - Remote File Upload"
[I] Checking for Directory Listing Enabled ...
[L] https://targetsite.com/wp-admin/css
[L] https://targetsite.com/wp-admin/images
[L] https://targetsite.com/wp-admin/includes
[L] https://targetsite.com/wp-admin/js
[L] https://targetsite.com/wp-admin/maint
[L] https://targetsite.com/wp-includes
[L] https://targetsite.com/wp-includes/ID3
[L] https://targetsite.com/wp-includes/IXR
[L] https://targetsite.com/wp-includes/PHPMailer
[L] https://targetsite.com/wp-includes/Requests
[L] https://targetsite.com/wp-includes/SimplePie
[L] https://targetsite.com/wp-includes/Text
[L] https://targetsite.com/wp-includes/assets
[L] https://targetsite.com/wp-includes/block-patterns
[L] https://targetsite.com/wp-includes/certificates
[L] https://targetsite.com/wp-includes/css
[L] https://targetsite.com/wp-includes/customize
[L] https://targetsite.com/wp-includes/fonts
[L] https://targetsite.com/wp-includes/images
[L] https://targetsite.com/wp-includes/js
[L] https://targetsite.com/wp-includes/pomo
[L] https://targetsite.com/wp-includes/random_compat
[L] https://targetsite.com/wp-includes/rest-api
[L] https://targetsite.com/wp-includes/sitemaps
[L] https://targetsite.com/wp-includes/sodium_compat
[L] https://targetsite.com/wp-includes/theme-compat
[L] https://targetsite.com/wp-includes/widgets
[L] https://targetsite.com/wp-content/plugins/contact-form-7
[-] Date & Time: 30/11/2020 01:21:26
[-] Completed in: 0:03:54