WordPress Vulnerability Report
Your WordPress website is vulnerable to attack!Scan URL: http://madeofbillions.com/
Scan Date: Sun Nov 6 15:18:48 2016 (UTC+1)
WordPress Version: 4.5.4
Is my site really vulnerable?
We have a good indication that your site is vulnerable and can be exploited by hackers or malware bots. This means that currently your data is not safe and the integrity of your WordPress cannot be guaranteed. It is essential that you upgrade to the latest version for your WordPress installation and all the themes and plugins you use. Below we will give you more information about how to improve security and about what issues we found on your website. Disclaimer: Since we used automated software there could be a small chance that your site is safe because we made a false positive. In addition, we don't provide a full overview of all vulnerabilities and we don't scan your server for server security.
What did we scan?
WPScans.com uses the advanced scanning technology of WPScan which we combine with our own intelligent scanning algorithms. We scan for known bugs that have been indexed in the WPScan Vulnerability Database, which contains over 4000 reported vulnerabilities. Our scanner tries to identify the plugins you run and will compare their versions against the bug database. In addition, we scan for several well-known mistakes that people make when setting up their WordPress installation. Many thanks to the WPScan Team for maintaining the bug database and providing a perfect vulnerability scanner to the community.
WordPress is out of date
You are running an outdated WordPress version. Please update to the latest version.Your are running WordPress version 4.5.4. This version is an outdated version of WordPress. It is best practice to keep your WordPress installation up to date. Therefore, it is essential to update to the newest version of WordPress. Automatically update in the WordPress backend or download the newest WordPress version from the link below.
Plugins & Themes
We have identified several plugins and themes in your WordPress installation. Always keep them up to date.buddyboss-wall
Installation Directory
buddypress - v2.6.2
Installation Directory
Update to version 2.7.2
buddypress-edit-activity - v1.0.8
buddypress-global-search - v1.1.4
Installation Directory
Update to version 1.1.5
buddypress-media - v4.0.7
Installation Directory
Update to version 4.1.8
buddypress-sitewide-activity-widget - v1.3.2
buddypress-xprofile-image-field - v2.0.1
custom-share-buttons-with-floating-sidebar - v2.9
pc-google-analytics - v2.5.1
what-the-file - v1.5.3
wordpress-easy-paypal-payment-or-donation-accept-plugin - v4.9.2
wysija-newsletters - v2.7.5
youtube-embed-plus - v11.4
Installation Directory
Update to version 11.5
w3-total-cache - v0.9.4.1
Installation Directory
Update to version 0.9.5.1
Plugin Is Vulnerable - See Why »
Information Leakage
While leaking information is not a direct threat to security, it can facilitate an attacker to gain access to your systems. Therefore, it is recommended to review the following leaked info to see if it contains sensitive data.robots.txt available under: 'http://madeofbillions.com/robots.txt'
The WordPress 'http://madeofbillions.com/readme.html' file exists exposing a version number
Interesting header: SERVER: Apache
Interesting header: X-POWERED-BY: W3 Total Cache/0.9.4.1
XML-RPC Interface available under: http://madeofbillions.com/xmlrpc.php