Avast WEBforum

Other => Viruses and worms => Topic started by: polonus on May 11, 2021, 12:33:03 AM

Title: Outstanding does not always mean outstanding security-wise...
Post by: polonus on May 11, 2021, 12:33:03 AM

Re: https://www.magereport.com/scan/?s=https://hoegl.com/

Mentioned as outstandig webshop site at magezon, but in fact a High Risk website.

Three High Risk alerts -> https://awesometechstack.com/analysis/website/hoegl.com/?protocol=https%3A
See under technology analysis.

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)

Title: Re: Outstanding does not always mean outstanding security-wise...
Post by: polonus on May 14, 2021, 02:24:26 PM

See: https://urlscan.io/result/2048a394-0981-4888-9a66-03a45b632dba/
See: https://awesometechstack.com/analysis/website/icims.com/?protocol=https%3A
Vulnerabilities bootstrap: https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-173700

AMAZON-AES - WP Engine vulnerabilities. Awesomeness stack score is a mere 43 points.

The following plugins were detected by reading the HTML source of the WordPress sites front page.

Quote

Plugin   Update Status   About
wordpress-seo 15.9.1   Warning   latest release (16.2)
https://yoa.st/1uj
weglot 3.3.2   Warning   latest release (3.3.5)
http://wordpress.org/plugins/weglot/
wordpress-popular-posts 5.3.2    Current   latest release (5.3.2)
https://wordpress.org/plugins/wordpress-popular-posts/
mbg-faq-block    Unknown   latest release (1.0.3)
faq-schema-for-pages-and-posts 2.3.0    Current   latest release (2.3.0)
https://www.onlinemarketinggurus.com.au/faq-schema-plugin
miniorange-saml-20-single-sign-on 25.0.1    Unknown   latest release (4.9.06)
http://miniorange.com/
wp-smushit 3.8.3   Warning   latest release (3.8.4)
http://wordpress.org/plugins/wp-smushit/

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)