Newly added security tests, August 28, 2017: vBulletin and WordPress vulnerabilities

DetectifyAug 28, 2017

To help you keep up with the latest vulnerabilities, we add new security tests to Detectify on a regular basis. The latest additions to the tool cover everything from a vBulletin SQL injection to a DOM XSS in a WordPress.

Here are the new security tests that now run when you start a Detectify scan:

CVE-2016-6195 – Unauthenticated SQL Injection in VBulletin
PHP symfony debug toolbar disclosure
WordPress bridge-theme DOM XSS
Web Cache Deception updates

If you’d like to learn more about DOM XSS vulnerabilities, why not check out our write-up explaining how we invented the Tesla DOM DOOM XSS?

Detectify

Complete External Attack Surface Management for AppSec and ProdSec teams.

Check out more content

Product Updates

February 2026 Product Notes: New Test Catalogue & API Scanning experience

Security is often a game of “you don’t know what you don’t know.” At Detectify, we focus on removing that uncertainty. Whether it’s reaching 922 …

March 05, 2026

Product Updates

Introducing Protocol Discovery to stop guessing what’s behind your open ports

Most tools will just tell you that a port is open. We’ve decided that’s not enough. TLDR: We’ve launched Protocol Discovery, a custom-built engine designed …

February 24, 2026

Product Updates

Introducing Detectify Internal Scanning for internal scanning behind the firewall

TL;DR We’re launching Internal Scanning, bringing our proprietary security engines, research-led crawling and fuzzing engine for internal vulnerability scanning behind your firewall. Built by Detectify’s …

February 03, 2026

Product Updates

Security Update: Critical RCE in React Server Components & Next.js (CVE-2025-55182)

A Critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-55182, has been discovered in Next.js applications utilizing React Server Components (RSC) and Server Actions. This …

December 05, 2025