Plugin-Found/EN: Unterschied zwischen den Versionen
Zeile 4: | Zeile 4: | ||
|'''Check'''|| {{:{{PAGENAME}}/Negative}} | |'''Check'''|| {{:{{PAGENAME}}/Negative}} | ||
|- | |- | ||
− | |''' | + | |'''Description'''|| {{:{{PAGENAME}}/Description}} |
|- | |- | ||
− | |''' | + | |'''Background'''|| {{:{{PAGENAME}}/Background}} |
|- | |- | ||
− | |''' | + | |'''Consequence'''|| {{:{{PAGENAME}}/Consequence}} |
|- | |- | ||
− | |''' | + | |'''Solution/Tips'''|| {{:{{PAGENAME}}/Solution_Tips}} |
|} | |} | ||
Zeile 16: | Zeile 16: | ||
[[Category:Siwecos-Scanner/EN]] | [[Category:Siwecos-Scanner/EN]] | ||
{{:{{PAGENAME}}/Category}} | {{:{{PAGENAME}}/Category}} | ||
− |
Version vom 15. März 2019, 13:59 Uhr
Check for CMS plug-ins
Check | CMS plug-in detected |
Description | A plug-in that is used by your content management system (CMS) was detected. An attacker could use this information to search for specific security flaws for your website. |
Background | A plug-in is an optional software module that extends or modifies an existing software. Plug-ins are often written by inexperienced developers. Therefore they often have security flaws which are not fixed in time. Further information |
Consequence | Content management system (CMS) offer a wide range of extensions. Vulnerabilities and security flaws in plug-ins are often exploited by attackers to gain control of a CMS installation or to misuse it for other purposes. A large attack surface is a disadvantage that should be avoided. -sicherheit-teil3/ Further Information (German only). |
Solution/Tips | The use of plug-ins should be limited to those plug-ins that are absolutely necessary. This can reduce the attack surface significantly. In addition, installed plugins should always be kept up to date. |