Support » Plugin: WPScan » Summary and check now option not showing

  • Humaniza

    (@humaniza)


    Hi,
    In one of my websites, the wpscan plugin does not show the main upper right box of the report page, where I should see the Summary and the check now button.

    What could be the cause to disable this box? I can’t scan because of this. The rest of the plugin shows ok, and the api key us configured OK.

    The web is on the Siteground server, if this could be of any help, but I contacted their support and they say they are not blocking anything…

    The page I need help with: [log in to see the link]

Viewing 15 replies - 1 through 15 (of 25 total)
  • Plugin Author ethicalhack3r

    (@ethicalhack3r)

    Hi,

    Can you right-click, View Page Source, and send the HTML of that page to team@wpscan.org, please?

    This might help us identify if the HTML has been modified by another plugin.

    Thanks,
    Ryan

    Humaniza

    (@humaniza)

    Hi, I have just sent it to you. I’m available for anything else you want to test.

    Plugin Author ethicalhack3r

    (@ethicalhack3r)

    Thanks, got it!

    The HTML for the summary box is missing altogether.

    There could be some kind of conflict with another plugin.

    Do you have access to the web server’s error logs? If so, is there anything in there that might give some clues?

    Humaniza

    (@humaniza)

    I enabled wp_debug but can’t see any error related to this.
    What else can we try?
    I see it’s a wordpress 4.9.8, if it can be any help.
    If you want, I could add or edit any code line to your plugin code that might help you debug the problem.

    Plugin Author ethicalhack3r

    (@ethicalhack3r)

    We could try disabling other plugins one by one to see if disabling one of them fixes the issue with the WPScan plugin? Then re-enable them after the test.

    Humaniza

    (@humaniza)

    Hi,
    I created a clean wordpress install in a subfolder of the server, with only the wpscan plugin on it, and it keeps failing, so it’s not related to a conflict with any other plugin.

    Given that I have this clean install, could you tell me something to test, some code to run in order to see whats making the plugin fail?

    Thank you

    Plugin Author ethicalhack3r

    (@ethicalhack3r)

    Hi,

    I just installed it on a vanilla install of the latest version of WordPress and it was working as expected.

    I assume that you are adding an API token in the WPScan Settings?

    The Summary box only shows after adding a valid API token.

    Thanks,
    Ryan

    Humaniza

    (@humaniza)

    Yes sure, correct api key generated only for this test.
    I could give you access to this wp install if you want to test anything

    Plugin Author ethicalhack3r

    (@ethicalhack3r)

    Sure, I might not be able to check right away, but should be able to check later tonight, or tomorrow.

    You can email the details to team@wpscan.org

    This just affects this particular site, right? And it only affects the site hosted on Siteground?

    Humaniza

    (@humaniza)

    OK data sent. It will only affect the current instalation I made on the /test/ folder, so you can try anything you need there. Thank you.

    Hi, could you take a look at this? I have the test site at your disposal por anything you might try to know why it doesn’t work on this server.
    Thank you. Regards.

    Plugin Author ethicalhack3r

    (@ethicalhack3r)

    Hi,

    I’ve had a look and don’t know why you’re experiencing this issue. I suspect the issue might only affect sites hosted on SiteGround.

    I’ve asked on our Twitter account if anyone else is experiencing issues with our plugin and SiteGround.

    Hopefully we’ll get some answers, which will be able to rule in, or out, the issue being with SiteGround.

    Thanks,
    Ryan

    I have more info.

    Apparently, the wpscan plugin is making excesive calls to admin-ajax.php, (so many that the siteground support advised me about that) so maybe it somehow gets hanged and causes a loop.

    I will have to uninstall the plugin from the site because siteground limits cpu executions / cicles and I can’t loose consumption that I will need for the general use of the website.

    Sorry, I will not be able to test more. If you bring something about this topic in future updates, please let me know. Maybe someone on siteground can tell us something

    Plugin Author ethicalhack3r

    (@ethicalhack3r)

    Interesting. We’ll investigate the excessive calls to admin-ajax.php and see if we can find a solution.

    Plugin Author ethicalhack3r

    (@ethicalhack3r)

    I’ve had a look into it and there aren’t any excessive calls to admin-ajax.php that I could see.

    There are a couple of calls, but nothing that I would describe as excessive.

    Perhaps SiteGround has attributed the calls to the wrong plugin, or maybe I wasn’t using the WPScan plugin in a way that would trigger the excessive calls.

    It would be good if SiteGround could provide the logs, or some other information, on how/why they attributed it to WPScan, so that we could do further investigation.

Viewing 15 replies - 1 through 15 (of 25 total)
  • You must be logged in to reply to this topic.