Wpscan error in Parrot OS

I am performing a scan using wpscan version 3.5.1. Wpscan did not came up with vulnerabilities as expected. The site is vulnerable to many attacks as shown by Owasp ZAP. Why is wpscan not pointing out in right direction? Here is the output of my scan:

[+] URL: http://examplewebsite.in/
[+] Started: Mon Apr 15 17:24:03 2019

Interesting Finding(s):

[+] http://examplewebsite.in/
| Interesting Entries:
| - Server: Apache
| - Referrer-Policy: same-origin
| - X-Powered-By: W3 Total Cache/0.9.7.3
| Found By: Headers (Passive Detection)
| Confidence: 100%

[+] http://examplewebsite.in/robots.txt
| Interesting Entries:
| - /wp-admin/
| - /wp-admin/admin-ajax.php
| Found By: Robots Txt (Aggressive Detection)
| Confidence: 100%

[+] http://examplewebsite.in/xmlrpc.php
| Found By: Link Tag (Passive Detection)
| Confidence: 100%
| Confirmed By: Direct Access (Aggressive Detection), 100% confidence
| References:
| - http://codex.wordpress.org/XML-RPC_Pingback_API
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
| - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
| - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access

[+] http://examplewebsite.in/readme.html
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%

[+] This site seems to be a multisite
| Found By: Direct Access (Aggressive Detection)
| Confidence: 100%
| Reference: http://codex.wordpress.org/Glossary#Multisite

[+] http://examplewebsite.in/wp-cron.php
| Found By: Direct Access (Aggressive Detection)
| Confidence: 60%
| References:
| - https://www.iplocation.net/defend-wordpress-from-ddos
| - https://github.com/wpscanteam/wpscan/issues/1299

[+] WordPress version 5.1.1 identified (Latest, released on 2019-03-13).
| Detected By: Rss Generator (Passive Detection)
| - http://iexamplewebsite.in/feed/, https://wordpress.org/?v=5.1.1
| - http://examplewebsite.in/comments/feed/, https://wordpress.org/?v=5.1.1

[+] WordPress theme in use: cs_branch
| Location: http://examplewebsite.in/wp-content/themes/cs_branch/
| Readme: http://examplewebsite.in/wp-content/themes/cs_branch/readme.txt
| Style URL: http://examplewebsite.in/wp-content/themes/cs_branch/style.css
| Style Name: xxxxxxxxx
| Description: xxxxxxxxx
| Author: Wibe
| Author URI: http://wibe.in/
|
| Detected By: Urls In Homepage (Passive Detection)
|
| Version: 1.0 (80% confidence)
| Detected By: Style (Passive Detection)
| - http://examplewebsite.in/wp-content/themes/cs_branch/style.css, Match: ‘Version: 1.0’

[+] Enumerating All Plugins (via Passive Methods)
[+] Checking Plugin Versions (via Passive and Aggressive Methods)

[i] Plugin(s) Identified:

[+] js_composer
| Location: http://examplewebsite.in/wp-content/plugins/js_composer/
|
| Detected By: Meta Generator (Passive Detection)
| Confirmed By: Body Tag (Passive Detection)
|
| Version: 4.12 (60% confidence)
| Detected By: Body Tag (Passive Detection)
| - http:/examplewebsite.in/, Match: ‘js-comp-ver-4.12’

[+] revslider
| Location: http://examplewebsite.in/wp-content/plugins/revslider/
|
| Detected By: Div Data Version (Passive Detection)
| Confirmed By: Meta Generator (Passive Detection)
|
| Version: 5.2.6 (100% confidence)
| Detected By: Div Data Version (Passive Detection)
| - http://examplewebsite.in/, Match: ‘5.2.6’
| Confirmed By: Meta Generator (Passive Detection)
| - http://examplewebsite.in/, Match: ‘Powered by Slider Revolution 5.2.6’

[+] w3-total-cache
| Location: http://examplewebsite.in/wp-content/plugins/w3-total-cache/
| Latest Version: 0.9.7.3 (up to date)
| Last Updated: 2019-03-26T15:19:00.000Z
|
| Detected By: Header Pattern (Passive Detection)
|
| Version: 0.9.7.3 (100% confidence)
| Detected By: Header Pattern (Passive Detection)
| - http://examplewebsite.in/, Match: ‘W3 Total Cache/0.9.7.3’
| Confirmed By:
| Readme - Stable Tag (Aggressive Detection)
| - http:/examplewebsite.in/wp-content/plugins/w3-total-cache/readme.txt
| Readme - ChangeLog Section (Aggressive Detection)
| - http://examplewebsite.in/wp-content/plugins/w3-total-cache/readme.txt

[+] Enumerating Config Backups (via Passive and Aggressive Methods)
Checking Config Backups - Time: 00:00:06 <==========================================================> (21 / 21) 100.00% Time: 00:00:06

[i] No Config Backups Found.

[+] Finished: Mon Apr 15 17:24:14 2019
[+] Requests Done: 22
[+] Cached Requests: 40
[+] Data Sent: 3.571 KB
[+] Data Received: 8.502 KB
[+] Memory used: 167.949 MB
[+] Elapsed time: 00:00:10