aD

Jun 24, 2014

Always good to have a positive response

I was curious about a certain company's website and did a scan of it, and was able to enumerate not only all their WordPress plugins (and vulnerabilities and exploits) but also user IDs and usernames.


[+] URL: http://xxxxxxxx/
[+] Started: Wed Jun 11 21:29:40 2014

[+] robots.txt available under: 'http://xxxxxxxx/robots.txt'
[!] The WordPress 'http://xxxxxxxx/readme.html' file exists
[+] Interesting header: CF-RAY: 1390e7f7776d02da-AMS
[+] Interesting header: SERVER: cloudflare-nginx
[+] XML-RPC Interface available under: http://xxxxxxxx/xmlrpc.php

[+] WordPress version 3.8.3 identified from meta generator

[+] Name: akismet - v2.5.9
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/akismet/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/akismet/readme.txt

[+] Name: backwpup - v3.1.2
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/backwpup/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/backwpup/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/backwpup/

[!] Title: BackWPUp 2.1.4 - Code Execution
   Reference: http://www.exploit-db.com/exploits/17987/

[!] Title: plugin BackWPup 1.5.2, 1.6.1, 1.7.1 - Remote and Local Code Execution Vulnerability
   Reference: http://osvdb.org/71481

[+] Name: better-wp-security - v3.6.5
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/better-wp-security/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/better-wp-security/readme.txt

[!] Title: Better WP Security 3.6.3 - Online Backup Storage current_time Function Brute Force Disclosure
   Reference: http://packetstormsecurity.com/files/125219/
   Reference: http://osvdb.org/103358

[!] Title: Better WP Security 3.6.3 - /zzzzzzz/admin-ajax.php license Parameter Stored XSS Weakness
   Reference: http://packetstormsecurity.com/files/125219/
   Reference: http://osvdb.org/103357

[+] Name: calculated-fields-form - v1.0.1
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/calculated-fields-form/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/calculated-fields-form/README.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/calculated-fields-form/

[+] Name: contact-form-7 - v3.7.2
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/contact-form-7/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/contact-form-7/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/contact-form-7/
[!] An error_log file has been found: http://xxxxxxxx/xxxxxxxx/plugins/contact-form-7/error_log

[!] Title: Contact Form 7 & Old WP Versions - Crafted File Extension Upload Remote Code Execution
   Reference: http://packetstormsecurity.com/files/125018/
   Reference: http://seclists.org/fulldisclosure/2014/Feb/0
   Reference: http://osvdb.org/102776

[+] Name: dw-question-answer - v1.2.8
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/dw-question-answer/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/dw-question-answer/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/dw-question-answer/

[+] Name: google-analytics-dashboard-for-wp - v4.2.18
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/google-analytics-dashboard-for-wp/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/google-analytics-dashboard-for-wp/readme.txt

[+] Name: google-analytics-for-wordpress - v4.3.5
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/google-analytics-for-wordpress/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/google-analytics-for-wordpress/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/google-analytics-for-wordpress/

[+] Name: jetpack - v2.7.2
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/jetpack/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/jetpack/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/jetpack/

[!] Title: Jetpack <= 2.9.2 - class.jetpack.php XML-RPC Access Control Bypass
   Reference: http://jetpack.me/2014/04/10/jetpack-security-update/
   Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0173
   Reference: http://secunia.com/advisories/57729
   Reference: http://osvdb.org/105714
[i] Fixed in: 2.9.3

[+] Name: link-manager
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/link-manager/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/link-manager/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/link-manager/

[+] Name: mailchimp - v1.4.1
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/mailchimp/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/mailchimp/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/mailchimp/

[+] Name: members - v0.2.4
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/members/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/members/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/members/

[+] Name: pdfjs-viewer-shortcode - v1.2
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/pdfjs-viewer-shortcode/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/pdfjs-viewer-shortcode/readme.txt

[+] Name: really-simple-captcha - v1.7
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/really-simple-captcha/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/really-simple-captcha/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/really-simple-captcha/

[+] Name: smart-manager-for-wp-e-commerce - v3.6
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/smart-manager-for-wp-e-commerce/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/smart-manager-for-wp-e-commerce/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/smart-manager-for-wp-e-commerce/

[+] Name: woocommerce - v2.1.2
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce/

[+] Name: woocommerce-bulk-discount - v2.2
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-bulk-discount/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-bulk-discount/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-bulk-discount/

[+] Name: woocommerce-delivery-notes
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-delivery-notes/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-delivery-notes/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-delivery-notes/

[+] Name: woocommerce-product-archive-customiser - v0.3.0
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-product-archive-customiser/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-product-archive-customiser/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-product-archive-customiser/

[+] Name: woocommerce-sequential-order-numbers - v1.3.1
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-sequential-order-numbers/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-sequential-order-numbers/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/woocommerce-sequential-order-numbers/

[+] Name: wordpress-importer - v0.6.1
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/wordpress-importer/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/wordpress-importer/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/wordpress-importer/

[+] Name: wordpress-popup - v4.4.5.4
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/wordpress-popup/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/wordpress-popup/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/wordpress-popup/

[+] Name: wordpress-seo - v1.4.25
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/wordpress-seo/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/wordpress-seo/readme.txt
|  Changelog: http://xxxxxxxx/xxxxxxxx/plugins/wordpress-seo/changelog.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/wordpress-seo/

[!] Title: WordPress SEO 1.14.15 - index.php s Parameter Reflected XSS
   Reference: http://packetstormsecurity.com/files/123028/
   Reference: http://osvdb.org/97885

[!] Title: WordPress SEO 1.4.6 - Reset Settings Feature Access Restriction Bypass
   Reference: http://secunia.com/advisories/52949
   Reference: http://osvdb.org/92147

[+] Name: wp-advanced-importer
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/wp-advanced-importer/
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/wp-advanced-importer/

[+] Name: wp-countdown-timer - v1.0.0
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/wp-countdown-timer/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/wp-countdown-timer/README.txt

[+] Name: wp-fastest-cache - v4.3
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/wp-fastest-cache/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/wp-fastest-cache/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/wp-fastest-cache/

[+] Name: wp-mail-smtp - v0.9.4
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/wp-mail-smtp/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/wp-mail-smtp/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/wp-mail-smtp/

[+] Name: wp-memory-usage
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/wp-memory-usage/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/wp-memory-usage/readme.txt
[!] Directory listing is enabled: http://xxxxxxxx/xxxxxxxx/plugins/wp-memory-usage/

[+] Name: wp-super-cache - v1.4
|  Location: http://xxxxxxxx/xxxxxxxx/plugins/wp-super-cache/
|  Readme: http://xxxxxxxx/xxxxxxxx/plugins/wp-super-cache/readme.txt


[+] Enumerating usernames ...
[+] Identified the following 8 user/s:
   +----+--------------+--------------+
   | Id | Login        | Name         |
   +----+--------------+--------------+
   | x  | xxxx         | xxxx         |
   | x  | xxxxxxxx     | xxxxxxxx     |
   | x  | xxxxxx       | xxxxxx       |
   | x  | xxxxxxxxxx   | xxxx         |
   | x  | xxxxxxxxxxxx | xxxxx        |
   | x  | xxxxxxxx     | xxxxxxxx     |
   | x  | xxxxxxxxxxxx | xxxxxxxxxxxx |
   | xx | xxxxxx       | xxxxx        |
   +----+--------------+--------------+
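
As an added example (not code from the post, nor from the scanner's authors), here is a short Python helper that turns output in the format above into a remediation list for the site owner: one record per plugin with its version, whether directory listing was flagged, the advisories matched and the "Fixed in" version, ranked by severity. The `example.invalid` host, the SAMPLE excerpt and all function names are constructed for this example.

```python
"""Triage helper for WPScan-style text output: one remediation record per plugin.
Added example, not the post's code; SAMPLE is a constructed excerpt of that format."""
import re
from dataclasses import dataclass, field
from typing import List, Optional

SAMPLE = """\
[+] Name: jetpack - v2.7.2
|  Location: http://example.invalid/wp-content/plugins/jetpack/
[!] Directory listing is enabled: http://example.invalid/wp-content/plugins/jetpack/
[!] Title: Jetpack <= 2.9.2 - class.jetpack.php XML-RPC Access Control Bypass
[i] Fixed in: 2.9.3
[+] Name: wp-super-cache - v1.4
|  Location: http://example.invalid/wp-content/plugins/wp-super-cache/
[+] Name: link-manager
[!] Directory listing is enabled: http://example.invalid/wp-content/plugins/link-manager/
"""
@dataclass
class Plugin:
    name: str
    version: Optional[str]          # None when the scanner printed no version
    dir_listing: bool = False
    advisories: List[str] = field(default_factory=list)
    fixed_in: Optional[str] = None
NAME_RE = re.compile(r"^\[\+\] Name: (\S+)(?: - v(\S+))?$")
def parse_plugins(text: str) -> List[Plugin]:
    # Findings after a '[+] Name:' line belong to that plugin until the next one.
    plugins: List[Plugin] = []
    for line in text.splitlines():
        m = NAME_RE.match(line.rstrip())
        if m:
            plugins.append(Plugin(m.group(1), m.group(2)))
        elif plugins:               # ignore scanner header lines before the first plugin
            cur = plugins[-1]
            if line.startswith("[!] Directory listing is enabled:"):
                cur.dir_listing = True
            elif line.startswith("[!] Title: "):
                cur.advisories.append(line[len("[!] Title: "):])
            elif line.startswith("[i] Fixed in: "):
                cur.fixed_in = line[len("[i] Fixed in: "):].strip()
    return plugins

def severity(p: Plugin) -> int:
    # 2 = matched advisory, 1 = directory listing only, 0 = nothing flagged
    return 2 if p.advisories else 1 if p.dir_listing else 0

def triage(text: str) -> List[str]:
    # Highest severity first; sorted() is stable, so ties keep report order.
    rows = sorted(parse_plugins(text), key=severity, reverse=True)
    return [f"{p.name} {p.version or '?'} sev={severity(p)} fix={p.fixed_in or '-'}" for p in rows]
```

Feeding the real report to `triage()` gives the owner the list to work from: plugins with a matched advisory and a "Fixed in" version are the update-first items, and every directory-listing hit is a web server configuration fix rather than a plugin update.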

I was surprised at my results and decided to write a quick email to the owner of the company with my information. I got a nice thank you letter back.

A couple of weeks later, on a public forum, he thanked me again, said it was all taken care of now, and asked me to send my contact info. I did, and never heard anything back.

This arrived in the mail yesterday.