Content Management System (CMS) is a software widely used for websites creation and management. It allows its users to create and manage websites such as blogs, forums, online stores, etc. Due to it's wide use by "non-tech" users, a lot of vulnerabilities can be found on websites using a CMS.
CMS scan for vulnerabilities on WordPress with WPScan.
wpscan -url $URL
wpscan -url $URL -enumerate u
wpscan -url $URL -wordlist wordlist.txt -username $username
wpscan -url www.example.com -e u -wordlist wordlist.txt
CMS scan for vulnerabilities with droopescan.
droopescan scan -u $URL
For known CMS:
droopescan scan $cms_name -u $URL
Browser extension: Wappalyzer allows its user to identify technologies on websites (including CMS). Website: Whatcms.org which helps in answering the question "What CMS Is This Site Using?" by entering an URL. Source code and robots.txt: information about the CMS used can be written in these files.