About a week ago, we notice spam going out in our blog's daily subscription email. The email is automatically generated, we're not sure using which plugin.
After doing a security scan in Go Daddy, we uncovered quite a few vulnerabilities including:
The remote web server is affected by an information disclosure vulnerability
Status: Not yet addressed
Port: https (443/tcp)
The remote web server is affected by an information disclosure vulnerability
Status: Not yet addressed
Port: http (80/tcp)
External links were discovered on your website.
Status: Not yet addressed
Port: http (80/tcp)
Some cgis are candidate for extended injection tests.
Status: Not yet addressed
Port: http (80/tcp)
Site Scanner is unable to process scans for your site.
Status: Not yet addressed
Port: http (80/tcp)
Site Scanner is unable to resolve your site.
Status: Not yet addressed
Port: http (80/tcp)
This plugin determines which HTTP methods are allowed on various cgi...
Status: Not yet addressed
Port: http (80/tcp)
WordPress® is installed on your Web server.
Status: Not yet addressed
Port: http (80/tcp)
Your Web server contains directories that are identifiable to visitors.
Status: Not yet addressed
Port: http (80/tcp)
Your Web server contains directories that are identifiable to visitors.
Status: Not yet addressed
Port: https (443/tcp)
Your Web server contains office-related files.
Status: Not yet addressed
Port: http (80/tcp)
Your website uses HTTP cookies.
How can we resolve this?