If you are interested in knowing which version of wordpress installation a website is running, here is a simple trick to help your way. You don’t need to login into wp admn panel.
I don’t want to make you wait. Let’s directly go to trick.
Step 1 :
Find your target. Let’s say your target is http://example.com.
Step 2 :
Try accessing wordpress admin login page by logging on to http://example.com/wp-admin/.
If you are redirected to something like http://example.com/wp-login.php?redirect_to=http%3A….., then you are sure that your target is using wordpress.
Step 3 :
In the login form, open the page HTML source by right click > View Source or through the developer tool of your favorite browser.
In the <head> tag, check the css include line which looks something like –
Well, now you got current version of my Tech – Lives, but I don’t mind. :p
The impact :
You are looking for this article means, I’m sure what your intention is. Come on, go ahead to find vulnerabilities available for that particular wordpress version and try if you can hack your target. All the best from my side.
The Fix :
Since the wordpress version is disclosed in wordpress admin login page without logging in, the fix must be from wordprss if they think this impacts enough to not to reveal the installation version.
This works fine for the most latest version available till date, wp 3.6.1, at the time of writing this article