Domain: w*t*r*v*.h*u.hk

Domain Details for w*t*r*v*.h*u.hk

Site Information

WordPress Version: 6.4.2 ⚠️ VULNERABLE

Theme: blockbase-wpcom (used by 137 domains)

Last Checked: 2026-06-07 22:43:59

HTTPS: ✅ Yes

Plugins (3)

Plugin	Used By
block-options	6,141
icon-list-block	342
otter-blocks	15,418

Security Headers

Grade F

5 missing headers

Missing Headers:

Content-Security-Policy (CSP) — Prevents XSS attacks ?
X-Content-Type-Options — Prevents MIME sniffing ?
X-Frame-Options — Prevents clickjacking ?
Referrer-Policy — Controls referrer information ?
Permissions-Policy — Limits browser features ?

Exposed Files & Configurations

This domain has publicly accessible security-sensitive files or configurations:

⚠️ Vulnerable WordPress Version (6.4.2) — CVE-2024-4439: Unauthenticated Stored XSS. Update to 6.5.2 or later immediately.
👤 User enumeration exposed — Usernames are publicly discoverable via the REST API or author archives, aiding brute-force attacks ?

Need help securing your WordPress site? Contact us for a professional security audit.

Top 50 Plugins

Plugin	Count
elementor	1,819,196
contact-form-7	1,789,483
elementor-pro	1,060,662
woocommerce	824,782
revslider	623,770
jetpack	470,465
js_composer	436,870
wp-rocket	337,948
essential-addons-for-elementor-lite	297,183
gravityforms	269,158
complianz-gdpr	259,951
cookie-law-info	234,187
instagram-feed	230,506
google-site-kit	224,321
sitepress-multilingual-cms	223,618
google-analytics-for-wordpress	216,054
header-footer-elementor	212,182
elementskit-lite	209,363
bluehost-wordpress-plugin	191,408
gutenberg	163,525
gutenberg-core	160,943
cookie-notice	153,633
the-events-calendar	133,454
litespeed-cache	132,870
wpforms-lite	130,558
gtranslate	129,224
astra-sites	120,332
popup-maker	117,257
woocommerce-payments	113,813
tablepress	110,939
coblocks	100,525
honeypot	98,579
astra-addon	96,287
duracelltomi-google-tag-manager	94,758
wp-smushit	94,540
all-in-one-seo-pack	94,163
LayerSlider	92,505
bb-plugin	91,548
premium-addons-for-elementor	87,784
megamenu	87,690
akismet	86,772
mailchimp-for-wp	84,606
cleantalk-spam-protect	84,528
woocommerce-gateway-stripe	83,875
ml-slider	81,965
borlabs-cookie	80,562
fusion-builder	80,452
ewww-image-optimizer	79,824
wp-pagenavi	79,811
formidable	78,763

Plugin

Count

1,819,196

1,789,483

1,060,662

824,782

623,770

470,465

436,870

337,948

essential-addons-for-elementor-lite

297,183

269,158

259,951

234,187

230,506

224,321

sitepress-multilingual-cms

223,618

google-analytics-for-wordpress

216,054

header-footer-elementor

212,182

elementskit-lite

209,363

bluehost-wordpress-plugin

191,408

163,525

160,943

153,633

133,454

132,870

130,558

129,224

120,332

117,257

113,813

110,939

100,525

98,579

96,287

duracelltomi-google-tag-manager

94,758

94,540

94,163

92,505

91,548

premium-addons-for-elementor

87,784

megamenu

87,690

akismet

86,772

mailchimp-for-wp

84,606

cleantalk-spam-protect

84,528

woocommerce-gateway-stripe

83,875

81,965

80,562

80,452

79,824

79,811

78,763

Top 50 Themes

Theme	Count
hello-elementor	622,154
Divi	515,376
astra	427,781
flatsome	136,821
Avada	125,534
generatepress	122,038
pub	110,907
oceanwp	84,326
kadence	79,509
enfold	72,549
salient	67,305
twentytwentyfour	59,420
h4	56,888
twentyseventeen	56,800
bb-theme	55,720
betheme	52,419
cocoon-master	52,256
blocksy	51,289
dt-the7	46,628
twentytwentyfive	44,378
neve	39,825
Avada-Child-Theme	37,985
sydney	35,715
gox	33,650
woodmart	33,613
bridge	33,188
twentytwentyone	32,430
lightning	31,653
twentytwenty	30,348
swell	28,740
Impreza	26,771
bricks	26,340
twentytwentythree	24,219
Newspaper	23,785
voxel	23,104
twentytwentytwo	20,100
kubio	19,580
sinatra	19,425
uncode	19,303
epik-redesign	19,278
twentysixteen	18,417
storefront	18,092
pro	17,983
Total	14,866
extendable	14,714
yith-wonder	14,087
hello-theme-child-master	13,503
themify-ultra	13,124
yootheme	13,090
factory-templates-4	13,019

Theme

Count

622,154

515,376

427,781

136,821

125,534