WordPress OSINT, maintenance or security needs? Reach out!

TLDWP

Domain Details for gl.ga*h.c.jp

Site Information

WordPress Version: 6.4.2 ⚠️ VULNERABLE

Theme: emaus

Last Checked: 2026-06-10 19:35:54

HTTPS: ✅ Yes

Plugins (3)

Plugin	Used By
contact-form-7	1,856,263
deo-elementor	107
elementor	1,883,060

Security Headers

F

Grade F

5 missing headers

Missing Headers:

Content-Security-Policy (CSP) — Prevents XSS attacks ?
X-Content-Type-Options — Prevents MIME sniffing ?
X-Frame-Options — Prevents clickjacking ?
Referrer-Policy — Controls referrer information ?
Permissions-Policy — Limits browser features ?

Exposed Files & Configurations

This domain has publicly accessible security-sensitive files or configurations:

⚠️ Vulnerable WordPress Version (6.4.2) — CVE-2024-4439: Unauthenticated Stored XSS. Update to 6.5.2 or later immediately.
👤 User enumeration exposed — Usernames are publicly discoverable via the REST API or author archives, aiding brute-force attacks ?

Need help securing your WordPress site? Contact us for a professional security audit.

Top 50 Plugins

Plugin	Count

Top 50 Themes

Theme	Count
hello-elementor	643,853
Divi	534,207
astra	440,149
flatsome	150,511
generatepress	136,499
Avada	129,452
pub	114,790
twentytwentyfour	113,255
sydney	108,766
oceanwp	87,059
kadence	82,810
enfold	75,162
salient	69,136
twentyseventeen	59,140
h4	58,772
bb-theme	56,716
betheme	54,411
blocksy	53,536
cocoon-master	52,931
dt-the7	48,114
twentytwentyfive	46,609
neve	41,432
Avada-Child-Theme	39,093
woodmart	34,663
gox	34,535
bridge	34,125
twentytwentyone	33,488
lightning	32,581
twentytwenty	31,549
voxel	29,231
swell	29,223
Impreza	27,834
bricks	27,131
sinatra	26,366
twentytwentythree	25,139
Newspaper	25,107
kubio	22,381
twentytwentytwo	20,615
uncode	20,068
twentysixteen	19,431
epik-redesign	19,302
storefront	18,651
pro	18,269
Total	15,397
extendable	15,157
yith-wonder	14,147
hello-theme-child-master	14,046
yootheme	13,615
themify-ultra	13,575
hestia	13,559