Website hosted on a compromised server - PHISHING!

Re: https://urlquery.net/report/ac10faba-6387-42ad-956d-760428fb05b8
4 vulnerable jQuery libraries detected: https://retire.insecurity.today/#!/scan/962c664f2fb0aa6fef9ac7c80f5b39ca66c98ad44da1796e01cecd4f9a7d536c

WordPress Plugins

The following plugins were detected by reading the HTML source of the WordPress site's front page.

ckeditor-for-wordpress latest release (4.5.3.3)
http://wordpress.ckeditor.com/
contact-form-7 latest release (5.0.1)
https://contactform7.com/
all-in-one-seo-pack latest release (2.5)
https://semperplugins.com/all-in-one-seo-pack-pro-version/

Plugins are a source of many security vulnerabilities within WordPress installations; always keep them updated to the latest version available and check the developer's plugin page for information about security-related updates and fixes.

Warning: User Enumeration is possible

The first two user IDs were tested to determine if user enumeration is possible.

ID  User  Login
1   None  None
2   GEM   gem

It is recommended to rename the admin user account to reduce the chance of brute force attacks occurring, as this will reduce the chance of automated password attackers gaining access. However, it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation.

Risk from compromised server: https://www.scamadviser.com/check-website/gregernstmusic.com

F-grade security status and recommendations: https://observatory.mozilla.org/analyze/gregernstmusic.com

polonus (volunteer website security analyst and website error-hunter)
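The scan report above flags that the first two author IDs could be enumerated. From the defender's side, the same probing pattern is visible in the web server's access log. The following is an added example (not part of the forum post or of any of the scanners it links) that parses combined-format access log lines and flags clients that walked through consecutive ?author=N values or pulled the REST users endpoint; the log lines are constructed for the example.

```python
"""Detect WordPress user-enumeration probes in web server access logs.

Added example, not from the forum post: flags clients that requested
/?author=N for several distinct IDs, or the /wp-json/wp/v2/users endpoint.
The log lines below are constructed for this example.
"""
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Apache/nginx "combined" format: ip - - [time] "METHOD path HTTP/x" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample: one client walks author IDs 1..3 and then hits the REST
# users endpoint; another client follows a single author link normally.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Apr/2018:10:00:01 +0000] "GET /?author=1 HTTP/1.1" 301 0
203.0.113.7 - - [10/Apr/2018:10:00:02 +0000] "GET /?author=2 HTTP/1.1" 301 0
203.0.113.7 - - [10/Apr/2018:10:00:03 +0000] "GET /?author=3 HTTP/1.1" 404 0
203.0.113.7 - - [10/Apr/2018:10:00:04 +0000] "GET /wp-json/wp/v2/users HTTP/1.1" 200 512
198.51.100.4 - - [10/Apr/2018:10:05:00 +0000] "GET /?author=2 HTTP/1.1" 301 0
198.51.100.4 - - [10/Apr/2018:10:05:01 +0000] "GET /author/gem/ HTTP/1.1" 200 8192
"""


def parse_line(line):
    """Return the fields of one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def author_id(path):
    """Return the integer ?author= value of a request path, or None if absent."""
    vals = parse_qs(urlsplit(path).query).get("author")
    if not vals or not vals[0].isdigit():
        return None
    return int(vals[0])


def find_enumeration(log_text, min_ids=2):
    """Map each suspicious client IP to the sorted author IDs it probed.

    A client is reported when it touched at least min_ids distinct author IDs,
    or when it requested the REST users listing (reported with the IDs it
    probed, possibly an empty list).
    """
    probes = defaultdict(set)
    rest_hits = set()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        aid = author_id(rec["path"])
        if aid is not None:
            probes[rec["ip"]].add(aid)
        if urlsplit(rec["path"]).path.rstrip("/").endswith("/wp-json/wp/v2/users"):
            rest_hits.add(rec["ip"])

    suspects = {}
    for ip, ids in probes.items():
        if len(ids) >= min_ids or ip in rest_hits:
            suspects[ip] = sorted(ids)
    for ip in rest_hits:
        suspects.setdefault(ip, [])
    return suspects


if __name__ == "__main__":
    for ip, ids in find_enumeration(SAMPLE_LOG).items():
        print(f"{ip}: probed author IDs {ids}")
```

Renaming the admin account, as the report suggests, only helps if enumeration is also closed off; the same log check pairs naturally with a web server rule that refuses ?author= redirects and restricts the REST users endpoint to logged-in users.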

The website also has a serious vulnerability occurring in PHP versions 5.3.12 and 5.4.2 where a certain request may dump the PHP source code for the page. Some tools may however block the scanning for this.

However there are sources and sinks:
Number of sources found: 1
Number of sinks found: 77

Results from scanning URL: hxtp://gregernstmusic.com/wp-content/plugins/ckeditor-for-wordpress/includes/ckeditor.utils.js?t=F7J8&ver=4.5.3.3
Number of sources found: 4
Number of sinks found: 3

Bad = Results from scanning URL: htxp://gregernstmusic.com/wp-content/plugins/ckeditor-for-wordpress/includes/ckeditor.utils.js?t=F7J8&ver=4.5.3.3
Number of sources found: 381
Number of sinks found: 59
Adblockers block: hxtp://gregernstmusic.com/xmlrpc.php as it is listed in the malware domain list.

Facebook iFrame on website

polonus

https://zulu.zscaler.com/submission/05cc5483-4f10-4b13-9669-afbaa05e8bd9
https://sitecheck.sucuri.net/results/gregernstmusic.com

L.S.

PHP-driven CMS is not secure, folks, it could open up to various attacks -
the above website may also be vulnerable to HTML Injection of the type htxp://web.site/page#
through RocketTheme, LLC -components/com_roksprocket/layouts/strips/assets/js/strips.js
Number of sources found: 1
Number of sinks found: 77

See also: Results from scanning URL: hxtp://gregernstmusic.com/wp-content/plugins/ckeditor-for-wordpress/includes/ckeditor.utils.js?t=F7J8&ver=4.5.3.3
Number of sources found: 41
Number of sinks found: 17 (with undefined variable jQuery error).

Protection against such attacks can be brought in by hardening,
through implementing the necessary security headers best policy!

Another collusion like http%3A%2F%2Fgregernstmusic.com/#?-s → going to Results from scanning URL: hxtp://www.photostd.net/forum/profile.php?id=427100/ opening to index.html… Hostname does not match with Certificate
Number of sources found: 1
Number of sinks found: 77

polonus (volunteer website security analyst and website error-hunter)
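The post above recommends hardening through security headers, which is what the linked Mozilla Observatory grade is largely scoring. As an added example (not part of the forum post, and not the Observatory's own scoring logic), the function below audits a response header mapping for the headers that matter most against the injection issues discussed here: Content-Security-Policy, Strict-Transport-Security, X-Content-Type-Options and framing protection, plus version disclosure in Server/X-Powered-By. The two header sets are constructed to show a weak and a hardened response.

```python
"""Audit HTTP response headers against common hardening guidance.

Added example, not from the forum post: takes the headers a site returns
and lists the missing or weak security headers. Both sample responses
below are constructed for this example.
"""
import re

ONE_YEAR = 31536000  # seconds; the usual minimum HSTS max-age

# Constructed: a typical unhardened response
WEAK = {
    "Server": "Apache/2.2.22",
    "X-Powered-By": "PHP/5.4.2",
    "Content-Type": "text/html",
}

# Constructed: the same site after hardening
HARDENED = {
    "Server": "Apache",
    "Content-Type": "text/html",
    "Content-Security-Policy": "default-src 'self'; script-src 'self'; frame-ancestors 'none'",
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
    "X-Content-Type-Options": "nosniff",
}


def _csp_directives(csp):
    """Split a CSP header value into {directive: [source expressions]}."""
    out = {}
    for part in csp.split(";"):
        tokens = part.split()
        if tokens:
            out[tokens[0].lower()] = tokens[1:]
    return out


def audit_headers(headers):
    """Return a list of (header, finding) tuples; an empty list means all checks passed."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    findings = []

    # CSP: must exist and must not let scripts run inline or from any origin.
    csp = h.get("content-security-policy")
    directives = {}
    if csp is None:
        findings.append(("content-security-policy", "missing"))
    else:
        directives = _csp_directives(csp)
        scripts = directives.get("script-src", directives.get("default-src", []))
        if not scripts:
            findings.append(("content-security-policy", "no script-src or default-src"))
        elif "'unsafe-inline'" in scripts or "*" in scripts:
            findings.append(("content-security-policy", "script-src allows inline or any origin"))

    # HSTS: present with a max-age of at least one year.
    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.append(("strict-transport-security", "missing"))
    else:
        m = re.search(r"max-age=(\d+)", hsts)
        if not m or int(m.group(1)) < ONE_YEAR:
            findings.append(("strict-transport-security", "max-age below one year"))

    # MIME sniffing: the only valid value is nosniff.
    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append(("x-content-type-options", "missing or not 'nosniff'"))

    # Clickjacking: X-Frame-Options, or the CSP frame-ancestors directive.
    if "x-frame-options" not in h and "frame-ancestors" not in directives:
        findings.append(("x-frame-options", "missing and no CSP frame-ancestors"))

    # Version disclosure helps attackers match known bugs to the install.
    for leak in ("server", "x-powered-by"):
        if re.search(r"\d+\.\d+", h.get(leak, "")):
            findings.append((leak, "discloses software version"))

    return findings


if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_headers(hdrs) or "no findings")
```

The check is deliberately strict on CSP: a policy that lists 'unsafe-inline' in script-src gives up most of the protection against the DOM XSS sinks mentioned elsewhere in this thread, so it is reported as weak even though the header is present.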

L.S.

Front-end security often could mean a security minefield to tread on.

Always remember that website security is always a relevant thing.
There is no 100% secure website as there is no 100% insecure website.
A position here is always somewhere in between.

For code developers:

If you like to sanitize your input, do not write your sanitizer yourself.
Parse input using a whitelist of DOM nodes, keep only safe nodes in the DOM,
and parse within the browser.

Use a DOM purify analyzer, for instance bleach.js.

Always be on the look-out for sinks; jQuery is a sink as such.

Remember, when Brendan Eich came up with JavaScript for the first time in the past century, it was not yet ready to be used with protocols like HTTP and HTTPS, and we feel the backlash of that almost daily, despite the very good work the developer presented us with, known as the Android browser par excellence, Brave. We now use more VM-oriented languages that are platform independent.

Combination of jQuery, angular.js and knockout.js: check the DOM XSS Wiki.

See whether code has been properly escaped!

For hardening PHP propositions: http://www.hardened-php.net/ (not vuln: https://retire.insecurity.today/#!/scan/f174e1f17cc1c5f4cf4b3d0a863006fb5a92392c2a8752f6394f3ab09ee12a29 )

Always remember, folks, javascript security is a bitch.

polonus (volunteer website security analyst and website error-hunter)
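The advice above is to parse untrusted markup, keep only an allowlist of nodes and attributes, and let a maintained library (DOMPurify, bleach) do it. To make concrete what such a library does with the usual sink payloads, here is an added example (not from the forum post, and not DOMPurify's or bleach's code) of the allowlist mechanism built on Python's standard-library HTML parser: event-handler attributes, script and style content, comments and javascript: or protocol-relative hrefs are dropped, text is re-escaped, and unclosed tags are closed so the output is well-formed. The sample inputs in the test are constructed. It covers only the mechanism; the post's point stands that production code should use the maintained library, which also handles SVG, MathML and browser parsing quirks this illustration does not.

```python
"""Allowlist HTML sanitizer built on the stdlib parser.

Added example, not from the forum post: shows the parse / keep-only-safe-
nodes / re-serialize approach the post describes. For real applications
use DOMPurify (browser) or bleach (Python); this block illustrates the idea.
"""
from html import escape
from html.parser import HTMLParser

ALLOWED_TAGS = {"p", "b", "i", "em", "strong", "ul", "ol", "li", "a", "br"}
ALLOWED_ATTRS = {"a": {"href", "title"}}   # no on* handlers, no style, no src
VOID_TAGS = {"br"}
RAW_TEXT_TAGS = {"script", "style"}        # their text is code, not content
SAFE_SCHEMES = ("http://", "https://", "mailto:")


def safe_href(value):
    """Accept absolute URLs with a known scheme or same-origin relative paths."""
    v = value.strip().lower()
    if v.startswith("//"):                 # protocol-relative: another origin
        return False
    return v.startswith(SAFE_SCHEMES) or v.startswith("/")


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.open = []    # allowed tags currently open, closed in order at the end
        self.skip = 0     # > 0 while inside <script> or <style>

    def handle_starttag(self, tag, attrs):
        if tag in RAW_TEXT_TAGS:
            self.skip += 1
            return
        if tag not in ALLOWED_TAGS or self.skip:
            return        # drop the element but keep its child text
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()) or value is None:
                continue  # onerror=, onclick=, style=, ... never pass
            if name == "href" and not safe_href(value):
                continue  # javascript:, data:, //other-origin
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in VOID_TAGS:
            self.open.append(tag)

    def handle_endtag(self, tag):
        if tag in RAW_TEXT_TAGS:
            self.skip = max(0, self.skip - 1)
            return
        if tag in self.open:
            # close everything opened after it too, keeping output well-formed
            while self.open:
                t = self.open.pop()
                self.out.append(f"</{t}>")
                if t == tag:
                    break

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))  # text can never become markup

    def handle_comment(self, data):
        pass  # comments (including conditional comments) are dropped

    def result(self):
        while self.open:
            self.out.append(f"</{self.open.pop()}>")
        return "".join(self.out)


def sanitize(html):
    """Return a sanitized serialization of untrusted HTML."""
    p = AllowlistSanitizer()
    p.feed(html)
    p.close()
    return p.result()


if __name__ == "__main__":
    print(sanitize('<p onclick="x()">hi <b>there</b></p>'))
```

The design choice worth noting is that everything not on the allowlist is dropped rather than escaped or "fixed": a denylist of known-bad attributes is exactly the home-grown sanitizer the post warns against, because the next bypass is always an attribute or scheme the list did not name.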

Another site with this PHP 7.0.28 glitch: hxtp://hasbargen.de/#?-s
Re: https://retire.insecurity.today/#!/scan/6aea2666fd8fd18b929763c4a32e18b3c7f2e2876ee7
No detections for jQuery 1.6.2 libraries.
Results from scanning URL: -http://hasbargen.de
Number of sources found: 1
Number of sinks found: 71

Also consider: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=hasbargen.de%2F%23%3F-s&ref_sel=GSP2&ua_sel=ff&fs=1
URI as system identifier - seo xmlns="http://www.w3.org/TR/SEOEHTML1/ HTML 4.0

polonus (volunteer website security analyst and website error-hunter)