OpenVAS detects Joomla instead of Wordpress


I use Hosted Scan to scan for vulnerabilities and in an OpenVAS scan today, it suggested that 3 of the 11 WordPress sites were Joomla sites and vulnerable. I can find nothing on these sites that would trigger a suggestion of Joomla at either the hosting level or in the files being hosted. Hosted Scan suggested I reach out here to find out how the scan determines the CMS and what might have triggered the scan to think a WordPress site was a Joomla site.

Thank you for any help you can give.

I’m not familiar with this term “Hosted Scan”, can you please specify what this refers to?

@rippledj I suppose the company is what is meant here. They are offering a platform utilizing OpenVAS. @jmarpo I suggest to ask HostedScan for support. AFAIK People from Greenbone tried to communicate with them to understand better what they do with OpenVAS, but they did not respond.
@jmarpo You may try the Greenbone Cloud Service (for free) here:, which offers you support when you consider becoming a customer.