
WPScan Executor

  • Category: Web Application Scanners
  • Script: wpscan.py
  • Integration: CLI (native installation)
  • Faraday Plugin: WPScanPlugin
  • Website: https://wpscan.com/

Description

Runs the WPScan command-line tool natively against a WordPress site, producing JSON output that is parsed into Faraday. WPScan detects known vulnerabilities in WordPress core, plugins, and themes.

For Docker-based WPScan execution, use the WPScan Legacy executor.

Prerequisites

  • WPScan installed (Ruby gem: gem install wpscan)
  • Verify: wpscan --version

Configuration

Environment Variables (Setup)

(none required)

Execution Arguments

Parameter | Type | Mandatory | Description
WPSCAN_TARGET_URL | url | Yes | WordPress site URL to scan
WPSCAN_API_TOKEN | password | No | WPScan API token for vulnerability data enrichment (from wpscan.com)
WPSCAN_RANDOM_USER_AGENT | boolean | No | If set, uses a random user agent string

YAML Configuration Example

executors:
  wpscan_scan:
    repo_executor: wpscan.py
    max_size: 65536
    varenvs: {}
    params:
      WPSCAN_TARGET_URL:
        mandatory: true
        type: url
        base: string
      WPSCAN_API_TOKEN:
        mandatory: false
        type: password
        base: string
      WPSCAN_RANDOM_USER_AGENT:
        mandatory: false
        type: boolean
        base: boolean

How It Works

  1. Runs wpscan -o <output.json> --url <target> -f json [--api-token <token>] [--random_user_agent]
  2. Parses the JSON output through WPScanPlugin and outputs Faraday JSON
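
The command in step 1 is assembled from operator-supplied parameters, so the target URL should be validated and the API token kept out of logs. The sketch below is an added example, not the executor's own code: the function names, the set of truthy values for the boolean, and the sample values are assumptions.

```python
from urllib.parse import urlsplit

TRUTHY = {"1", "true", "yes", "on"}  # assumption: values that count as "set"


def build_wpscan_argv(env, output_path):
    """Build the wpscan argument list from the executor's parameters."""
    url = env.get("WPSCAN_TARGET_URL", "").strip()
    parts = urlsplit(url)
    # Accept only absolute http(s) URLs with a host, so a value such as
    # "--proxy=..." or "file:///..." is rejected before it reaches wpscan.
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("WPSCAN_TARGET_URL must be an absolute http(s) URL")
    if any(c.isspace() or ord(c) < 0x20 for c in url):
        raise ValueError("WPSCAN_TARGET_URL contains whitespace or control characters")
    argv = ["wpscan", "-o", output_path, "--url", url, "-f", "json"]
    token = env.get("WPSCAN_API_TOKEN", "")
    if token:
        argv += ["--api-token", token]
    if env.get("WPSCAN_RANDOM_USER_AGENT", "").strip().lower() in TRUTHY:
        argv.append("--random_user_agent")  # spelled as in step 1 above
    return argv


def redact(argv):
    """Return a copy of argv that is safe to log: the API token is masked."""
    out = list(argv)
    for i in range(len(out) - 1):
        if out[i] == "--api-token":
            out[i + 1] = "***"
    return out


if __name__ == "__main__":
    # Constructed sample parameters, not real values.
    sample = {
        "WPSCAN_TARGET_URL": "https://blog.example.test/",
        "WPSCAN_API_TOKEN": "CONSTRUCTED-TOKEN",
        "WPSCAN_RANDOM_USER_AGENT": "true",
    }
    argv = build_wpscan_argv(sample, "/tmp/wpscan-output.json")
    # Run with subprocess.run(argv) (a list, no shell=True); log only this:
    print(" ".join(redact(argv)))
```

Redaction only protects logs: the token is still a command-line argument and is visible in the process list on the agent host while wpscan runs.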

Notes

  • The WPSCAN_API_TOKEN significantly improves results by adding vulnerability details from the WPScan.com database
  • Without an API token, WPScan still detects plugins, themes, and basic issues but without CVE cross-references
  • Free WPScan API tokens allow a limited number of daily requests