Hello, dear hackers, programmers and plain hobbyists. The server runs WordPress 3.6.1. A scan with wpscan showed that there are two vulnerabilities:

1)
| Name: adminimize v1.8.4
| Location: http://www.site.ru/wp-content/plugins/adminimize/
| Directory listing enabled: Yes
| Readme: http://www.site.ru/wp-content/plugins/adminimize/readme.txt
|
| * Title: adminimize 1.7.21 - Cross-Site Scripting Vulnerabilities
| * Reference: http://seclists.org/bugtraq/2011/Nov/135

Wordpress adminimize.1.7.21 Plugin Cross-Site Scripting Vulnerabilities
Download......: http://wordpress.org/extend/plugins/adminimize/
Bug Found.....: IrIsT™
Exploit.......: http://www.site.com/[path]/wp-content/plugins/adminimize/adminimize_page.php?page=[xss]

2)
| Name: wordpress-seo v1.4.19
| Location: http://www.site.ru/wp-content/plugins/wordpress-seo/
| Directory listing enabled: Yes
| Readme: http://www.site.ru/wp-content/plugins/wordpress-seo/readme.txt
| Changelog: http://www.site.ru/wp-content/plugins/wordpress-seo/changelog.txt
|
| * Title: WordPress SEO 1.14.15 - index.php s Parameter Reflected XSS
| * Reference: http://packetstormsecurity.com/files/123028/
| * Reference: http://osvdb.org/97885
|
| * Title: WordPress SEO 1.4.6 - Reset Settings Feature Access Restriction Bypass
| * Reference: http://secunia.com/advisories/52949
| * Reference: http://osvdb.org/92147

Discussion: Yoast SEO Plugin v1.14.15 has a xss vulnerability due to lack of search sanitation.
Exploit: This can be exploited with a browser and is usually executed inside the search parameter of the website.
Proof of concept: http://5linx.com/?s="><script>alert(document.cookie);</script>

Description: WordPress SEO by Yoast Plugin for WordPress contains a flaw that is due to the program failing to properly restrict access to users. This may allow a remote attacker to bypass restrictions placed on the 'reset settings' feature.
Classification:
Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Solution Unknown
Exploit: Exploit Private
Disclosure: Vendor Verified, Third-party Verified
OSVDB: Web Related

Can you tell me whether they are dangerous? A bit more information from nmap on the open ports (17):

21 - tcp - open - ftp - Pure-FTPd
22 - tcp - open - ssh - OpenSSH 5.3 (protocol 2.0)
25 - tcp - open - smtp - Exim smtpd 4.80.1
53 - tcp - open - domain
80 - tcp - open - http - nginx 1.4.2
110 - tcp - open - pop3 - Dovecot pop3d
111 - tcp - open - rpcbind - 2-4 (RPC#100000)
135 - tcp - filtered - msrpc
139 - tcp - filtered - netbios-ssn
143 - tcp - open - imap - Dovecot imapd
179 - tcp - filtered - bgp
443 - tcp - open - http - nginx 1.4.2
445 - tcp - filtered - microsoft-ds
465 - tcp - open - smtp - Exim smtpd 4.80.1
587 - tcp - open - smtp - Exim smtpd 4.80.1
993 - tcp - open - imap - Dovecot imapd
995 - tcp - open - pop3 - Dovecot pop3d
1720 - tcp - filtered - H.323/Q.931
3306 - tcp - open - mysql - MySQL 5.1.71-rel14.9
5666 - tcp - open - tcpwrapped
8080 - tcp - open - http - Apache httpd 2.2.25
8081 - tcp - open - http - Apache httpd 2.2.25
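As an added example for the reflected-XSS finding quoted above (this is not code from the thread, from wpscan or from the Yoast plugin), here is the pattern behind a "search parameter is not sanitised" bug and its fix in plain PHP. The function names and the constructed search term are my own; the point is that the browser must receive the term as text, never as markup.

```php
<?php
// Added example, not from the thread or the plugin: why an unescaped search
// term becomes reflected XSS, and what the hardened version looks like.

declare(strict_types=1);

// Vulnerable pattern: the raw "s" query value is written straight into HTML.
// A value such as  "><script>...</script>  closes the attribute and injects
// its own markup, which is the class of bug the advisory on the page describes.
function render_search_vulnerable(string $term): string
{
    return '<input type="text" name="s" value="' . $term . '">'
         . '<p>Results for: ' . $term . '</p>';
}

// Hardened pattern: escape for the context the value lands in.
// htmlspecialchars() with ENT_QUOTES encodes < > & " and ', so the same
// input is rendered as literal text. Inside WordPress code the equivalent
// helpers are esc_attr() for attribute values and esc_html() for element text.
function render_search_safe(string $term): string
{
    $escaped = htmlspecialchars($term, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="s" value="' . $escaped . '">'
         . '<p>Results for: ' . $escaped . '</p>';
}

// Constructed input (hypothetical) shaped like the probe in the advisory.
// In a real request this would arrive as $_GET['s'].
$term = '"><script>alert(document.cookie)</script>';

echo "Vulnerable output:\n", render_search_vulnerable($term), "\n\n";
echo "Hardened output:\n", render_search_safe($term), "\n";
```

Run it with `php example.php`: the first block of output contains a live `<script>` element, the second contains only `&quot;&gt;&lt;script&gt;...`, which a browser displays as text. Escaping at output time is the fix for this finding; the "Directory listing enabled: Yes" entries and the old timthumb copy reported by wpscan are separate issues that are addressed in the web server configuration and by updating or removing the affected plugin, not by output escaping.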
Hello! There don't seem to be any neighbours. Here is the full wpscan analysis:

| Started:
[+] robots.txt available under: 'http://site.ru/robots.txt'
[!] The WordPress 'http://site.ru/readme.html' file exists
[!] Full Path Disclosure (FPD) in: 'http://site.ru/wp-includes/rss-functions.php'
[+] Interesting header: SERVER: nginx/1.4.2
[+] Interesting header: WP-SUPER-CACHE: Served supercache file from PHP
[+] Interesting header: X-POWERED-BY: PHP/5.3.13
[+] XML-RPC Interface available under: http://site.ru/xmlrpc.php
[+] WordPress version 3.6.1 identified from meta generator
[+] WordPress theme in use: responsive v1.9.3.8
| Name: responsive v1.9.3.8
| Location: http://site.ru/wp-content/themes/responsive/
| Readme: http://site.ru/wp-content/themes/responsive/readme.txt
| Changelog: http://site.ru/wp-content/themes/responsive/changelog.txt

[+] Enumerating installed plugins ...
Time: 00:01:58 <=======================> (2615 / 2615) 100.00% Time: 00:01:58
[+] We found 22 plugins:

| Name: adminimize v1.8.4
| Location: http://site.ru/wp-content/plugins/adminimize/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/adminimize/readme.txt
|
| * Title: adminimize 1.7.21 - Cross-Site Scripting Vulnerabilities
| * Reference: http://seclists.org/bugtraq/2011/Nov/135

| Name: contact-form-7 v3.5.4
| Location: http://site.ru/wp-content/plugins/contact-form-7/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/contact-form-7/readme.txt

| Name: createit-jquery-3level-accordion-menu
| Location: http://site.ru/wp-content/plugins/createit-jquery-3level-accordion-menu/

| Name: display-posts-shortcode v2.3
| Location: http://site.ru/wp-content/plugins/display-posts-shortcode/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/display-posts-shortcode/readme.txt

| Name: easy-fancybox v1.5.5
| Location: http://site.ru/wp-content/plugins/easy-fancybox/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/easy-fancybox/readme.txt

| Name: fotorama v4.4.6
| Location: http://site.ru/wp-content/plugins/fotorama/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/fotorama/readme.txt

| Name: mp6
| Location: http://site.ru/wp-content/plugins/mp6/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/mp6/readme.txt

| Name: responsive-add-ons v1.0.4
| Location: http://site.ru/wp-content/plugins/responsive-add-ons/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/responsive-add-ons/readme.txt

| Name: revslider
| Location: http://site.ru/wp-content/plugins/revslider/
| Directory listing enabled: Yes

| Name: rustolat v0.3
| Location: http://site.ru/wp-content/plugins/rustolat/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/rustolat/readme.txt

| Name: simple-scroll-to-top v2.4.0
| Location: http://site.ru/wp-content/plugins/simple-scroll-to-top/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/simple-scroll-to-top/readme.txt

| Name: sitemap v4.2
| Location: http://site.ru/wp-content/plugins/sitemap/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/sitemap/readme.txt

| Name: sitemap-generator-wp v1.08
| Location: http://site.ru/wp-content/plugins/sitemap-generator-wp/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/sitemap-generator-wp/readme.txt

| Name: smooth-page-scroll-to-top v0.3
| Location: http://site.ru/wp-content/plugins/smooth-page-scroll-to-top/
| Readme: http://site.ru/wp-content/plugins/smooth-page-scroll-to-top/readme.txt

| Name: smooth-scroll-up
| Location: http://site.ru/wp-content/plugins/smooth-scroll-up/
| Directory listing enabled: Yes

| Name: themefuse-maintenance-mode v1.1.3
| Location: http://site.ru/wp-content/plugins/themefuse-maintenance-mode/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/themefuse-maintenance-mode/readme.txt

| Name: touchcarousel
| Location: http://site.ru/wp-content/plugins/touchcarousel/
| Directory listing enabled: Yes

| Name: vslider v4.1.2
| Location: http://site.ru/wp-content/plugins/vslider/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/vslider/readme.txt

| Name: widget-logic v0.56
| Location: http://site.ru/wp-content/plugins/widget-logic/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/widget-logic/readme.txt

| Name: wordpress-importer v0.6
| Location: http://site.ru/wp-content/plugins/wordpress-importer/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/wordpress-importer/readme.txt

| Name: wordpress-seo v1.4.19
| Location: http://site.ru/wp-content/plugins/wordpress-seo/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/wordpress-seo/readme.txt
| Changelog: http://site.ru/wp-content/plugins/wordpress-seo/changelog.txt
|
| * Title: WordPress SEO 1.14.15 - index.php s Parameter Reflected XSS
| * Reference: http://packetstormsecurity.com/files/123028/
| * Reference: http://osvdb.org/97885
|
| * Title: WordPress SEO 1.4.6 - Reset Settings Feature Access Restriction Bypass
| * Reference: http://secunia.com/advisories/52949
| * Reference: http://osvdb.org/92147

| Name: wp-super-cache v1.4
| Location: http://site.ru/wp-content/plugins/wp-super-cache/
| Directory listing enabled: Yes
| Readme: http://site.ru/wp-content/plugins/wp-super-cache/readme.txt

[+] Finished
---------------------------------------------------
[+] Enumerating installed themes ...
Time: 00:00:26 <=========================> (491 / 491) 100.00% Time: 00:00:26
[+] We found 1 themes:

| Name: responsive v1.9.3.8
| Location: http://site.ru/wp-content/themes/responsive/
| Readme: http://site.ru/wp-content/themes/responsive/readme.txt
| Changelog: http://site.ru/wp-content/themes/responsive/changelog.txt

[+] Finished
---------------------------------------------------
[+] Enumerating usernames ...
[+] We found the following 1 user/s:
+----+-------+------------------+
| Id | Login | Name             |
+----+-------+------------------+
| 1  | admin | admin, Author at |
+----+-------+------------------+
[+] Finished
---------------------------------------------------
[+] Enumerating timthumb files ...
Time: 00:01:58 <=======================> (2430 / 2430) 100.00% Time: 00:01:58
[+] We found 1 timthumb file/s:

| [!] http://site.ru/wp-content/plugins/vslider/timthumb.php v2.8.10
* Reference: http://www.exploit-db.com/exploits/17602/

[+] Finished
---------------------------------------------------

Brute-forcing the password gave no result; about 500,000 candidates were checked.
Guys, who can carry out a security audit of my site for a fee? If it works out, get as far as the FTP and then explain what needs to be done to patch the vulnerability found. Or tell me where I can turn with such a request.
There is a dedicated section for that, and it is definitely not this thread. Another question is whether you can confirm that the site is really yours. Anyway, send the link in a PM.