WPScan is an excellent tool for finding WordPress vulnerabilities. In this how-to we will look at installing the tool and running a basic scan against our target site.
More information can be found on the WPScan site.

First of all, let's install all the prerequisites. In our case we are using Linux Mint, but the procedure should be very similar on other distributions.

sudo apt-get install libcurl4-openssl-dev libxml2 libxml2-dev libxslt1-dev ruby-dev build-essential libgmp-dev zlib1g-dev curl git

Now let's install the software:

cd ~
curl -sSL https://rvm.io/mpapis.asc | gpg --import -
curl -sSL https://get.rvm.io | bash -s stable
source ~/.rvm/scripts/rvm
echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc
rvm install 2.3.1
rvm use 2.3.1 --default
echo "gem: --no-ri --no-rdoc" > ~/.gemrc
gem install bundler
git clone https://github.com/wpscanteam/wpscan.git
cd wpscan
gem install bundler
bundle install --without test

When run for the first time, WPScan will ask you to update its database. Answer Yes to accept.

_______________________________________________________________
        __          _______   _____                  
        \ \        / /  __ \ / ____|                 
         \ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
          \ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \ 
           \  /\  /  | |     ____) | (__| (_| | | | |
            \/  \/   |_|    |_____/ \___|\__,_|_| |_|

        WordPress Security Scanner by the WPScan Team 
                       Version 2.9.2
          Sponsored by Sucuri - https://sucuri.net
   @_WPScan_, @ethicalhack3r, @erwan_lr, pvdl, @_FireFart_
_______________________________________________________________

[i] It seems like you have not updated the database for some time.
[?] Do you want to update now? [Y]es [N]o [A]bort, default: [N]y

You can also update it on its own by running the following command:

 ruby wpscan.rb --update

[i] Updating the Database ...
[i] Update completed.

Run a basic scan

ruby wpscan.rb --url tekyhost.com

[+] URL: http://tekyhost.com/
[+] Started: Thu Nov 24 09:59:57 2016

[+] robots.txt available under: 'http://tekyhost.com/robots.txt'
[+] Interesting entry from robots.txt: http://tekyhost.com/wp-admin/admin-ajax.php
[!] The WordPress 'http://tekyhost.com/readme.html' file exists exposing a version number
[+] Interesting header: LINK: ; rel="https://api.w.org/"
[+] Interesting header: LINK: ; rel=shortlink
[+] Interesting header: SERVER: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.16
[+] Interesting header: VIA: 1.1 proxy.tekyhost.com (squid/3.3.8)
[+] Interesting header: X-CACHE: MISS from proxy.tekyhost.com
[+] Interesting header: X-CACHE-LOOKUP: MISS from proxy.tekyhost.com:80
[+] Interesting header: X-POWERED-BY: PHP/5.4.16
[+] XML-RPC Interface available under: http://tekyhost.com/xmlrpc.php

[+] WordPress version 4.6.1 (Released on 2016-09-07) identified from advanced fingerprinting, meta generator, readme, links opml, stylesheets numbers

[+] WordPress theme in use: one-page - v1.3.6

[+] Name: one-page - v1.3.6
 |  Latest version: 1.3.6 (up to date)
 |  Location: http://tekyhost.com/wp-content/themes/one-page/
 |  Readme: http://tekyhost.com/wp-content/themes/one-page/readme.txt
 |  Changelog: http://tekyhost.com/wp-content/themes/one-page/changelog.txt
 |  Style URL: http://tekyhost.com/wp-content/themes/one-page/style.css
 |  Theme Name: One Page
 |  Theme URI: http://www.inkthemes.com/one-page-wordpress-org/
 |  Description: One Page is a single-page theme that displays all the essential features of your website on the h...
 |  Author: InkThemes.com
 |  Author URI: http://www.inkthemes.com

[+] Enumerating plugins from passive detection ...
 | 2 plugins found:

[+] Name: column-shortcodes - v0.6.9
 |  Latest version: 0.6.9 (up to date)
 |  Location: http://tekyhost.com/wp-content/plugins/column-shortcodes/
 |  Readme: http://tekyhost.com/wp-content/plugins/column-shortcodes/readme.txt

[+] Name: testimonial-basics - v4.3.1
 |  Latest version: 4.3.1 (up to date)
 |  Location: http://tekyhost.com/wp-content/plugins/testimonial-basics/
 |  Readme: http://tekyhost.com/wp-content/plugins/testimonial-basics/readme.txt

[+] Finished: Thu Nov 24 10:00:14 2016
[+] Requests Done: 51
[+] Memory used: 117.191 MB
[+] Elapsed time: 00:00:16
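
As an added example (not part of WPScan or of the original how-to), the Ruby script below parses the plain-text output shown above into a short triage list for the site owner: what the site exposes, and which components are behind the latest known version. The sample input is constructed from the scan above, and the plugin name example-plugin is hypothetical.

```ruby
require "rubygems" # Gem::Version gives correct dotted-version comparison

# SAMPLE is constructed: abridged from the scan above, plus one hypothetical
# outdated plugin ("example-plugin") so the version comparison has a hit.
SAMPLE = <<~'OUT'
  [+] URL: http://tekyhost.com/
  [!] The WordPress 'http://tekyhost.com/readme.html' file exists exposing a version number
  [+] Interesting header: SERVER: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.16
  [+] Interesting header: X-POWERED-BY: PHP/5.4.16
  [+] XML-RPC Interface available under: http://tekyhost.com/xmlrpc.php
  [+] WordPress version 4.6.1 (Released on 2016-09-07) identified from advanced fingerprinting
  [+] Name: one-page - v1.3.6
   |  Latest version: 1.3.6 (up to date)
  [+] Name: example-plugin - v1.0.0
   |  Latest version: 1.2.0
OUT

# Walk the output line by line and collect the fields worth acting on.
def parse_wpscan(text)
  report = { url: nil, wp_version: nil, exposures: [], components: [] }
  text.each_line do |raw|
    case raw.strip
    when /\A\[\+\] URL: (\S+)/ then report[:url] = $1
    when /\A\[\+\] WordPress version (\S+)/ then report[:wp_version] = $1
    when /\A\[!\] (.+)/ then report[:exposures] << $1
    when /\A\[\+\] Interesting header: (SERVER|X-POWERED-BY): (.+)/
      report[:exposures] << "#{$1} header reveals #{$2}"
    when /\A\[\+\] XML-RPC Interface available under: (\S+)/
      report[:exposures] << "XML-RPC reachable at #{$1}"
    when /\A\[\+\] Name: (\S+) - v(\S+)/
      report[:components] << { name: $1, installed: $2, latest: nil }
    when /\A\|\s+Latest version: (\S+)/
      report[:components].last[:latest] = $1 if report[:components].any?
    end
  end
  report
end

# Components whose installed version is older than the latest known one.
def outdated(report)
  report[:components].select do |c|
    c[:latest] && Gem::Version.new(c[:installed]) < Gem::Version.new(c[:latest])
  end.map { |c| c[:name] }
end

report = parse_wpscan(SAMPLE)
puts "Target: #{report[:url]} (WordPress #{report[:wp_version]})"
report[:exposures].each { |e| puts "  exposure: #{e}" }
puts "  outdated: #{outdated(report).join(', ')}"
```

To use it on a real run, save the scanner output to a file and pass its contents to parse_wpscan instead of SAMPLE.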

Some additional scans that you can perform. These examples are taken directly from the WPScan website.

Do wordlist password brute force on enumerated users using 50 threads…

ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50

Do wordlist password brute force on the ‘admin’ username only…

ruby wpscan.rb --url www.example.com --wordlist darkc0de.lst --username admin

Enumerate installed plugins…

ruby wpscan.rb --url www.example.com --enumerate p

Run all enumeration tools…

ruby wpscan.rb --url www.example.com --enumerate

Use custom content directory…

ruby wpscan.rb -u www.example.com --wp-content-dir custom-content

Update WPScan’s databases…

ruby wpscan.rb --update

Debug output…

ruby wpscan.rb --url www.example.com --debug-output 2>debug.log