RubyGems - wpscan - Versions diffs - 3.0 - Mend

wpscan 3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (180) hide show

checksums.yaml +7 -0
data/Gemfile.lock +139 -0
data/LICENSE +74 -0
data/README.md +146 -0
data/app/app.rb +3 -0
data/app/controllers.rb +6 -0
data/app/controllers/brute_force.rb +126 -0
data/app/controllers/core.rb +104 -0
data/app/controllers/custom_directories.rb +23 -0
data/app/controllers/enumeration.rb +53 -0
data/app/controllers/enumeration/cli_options.rb +126 -0
data/app/controllers/enumeration/enum_methods.rb +157 -0
data/app/controllers/main_theme.rb +27 -0
data/app/controllers/wp_version.rb +30 -0
data/app/finders.rb +13 -0
data/app/finders/config_backups.rb +17 -0
data/app/finders/config_backups/known_filenames.rb +46 -0
data/app/finders/interesting_findings.rb +33 -0
data/app/finders/interesting_findings/backup_db.rb +25 -0
data/app/finders/interesting_findings/debug_log.rb +20 -0
data/app/finders/interesting_findings/duplicator_installer_log.rb +23 -0
data/app/finders/interesting_findings/full_path_disclosure.rb +23 -0
data/app/finders/interesting_findings/mu_plugins.rb +48 -0
data/app/finders/interesting_findings/multisite.rb +29 -0
data/app/finders/interesting_findings/readme.rb +26 -0
data/app/finders/interesting_findings/registration.rb +31 -0
data/app/finders/interesting_findings/tmm_db_migrate.rb +24 -0
data/app/finders/interesting_findings/upload_directory_listing.rb +24 -0
data/app/finders/interesting_findings/upload_sql_dump.rb +28 -0
data/app/finders/main_theme.rb +22 -0
data/app/finders/main_theme/css_style.rb +43 -0
data/app/finders/main_theme/urls_in_homepage.rb +25 -0
data/app/finders/main_theme/woo_framework_meta_generator.rb +22 -0
data/app/finders/medias.rb +17 -0
data/app/finders/medias/attachment_brute_forcing.rb +44 -0
data/app/finders/plugin_version.rb +44 -0
data/app/finders/plugin_version/layer_slider/translation_file.rb +40 -0
data/app/finders/plugin_version/readme.rb +79 -0
data/app/finders/plugin_version/revslider/release_log.rb +35 -0
data/app/finders/plugin_version/sitepress_multilingual_cms/meta_generator.rb +27 -0
data/app/finders/plugin_version/sitepress_multilingual_cms/version_parameter.rb +31 -0
data/app/finders/plugin_version/w3_total_cache/headers.rb +28 -0
data/app/finders/plugins.rb +24 -0
data/app/finders/plugins/comments.rb +31 -0
data/app/finders/plugins/headers.rb +36 -0
data/app/finders/plugins/known_locations.rb +48 -0
data/app/finders/plugins/urls_in_homepage.rb +29 -0
data/app/finders/theme_version.rb +41 -0
data/app/finders/theme_version/style.rb +43 -0
data/app/finders/theme_version/woo_framework_meta_generator.rb +19 -0
data/app/finders/themes.rb +20 -0
data/app/finders/themes/known_locations.rb +48 -0
data/app/finders/themes/urls_in_homepage.rb +23 -0
data/app/finders/timthumb_version.rb +17 -0
data/app/finders/timthumb_version/bad_request.rb +21 -0
data/app/finders/timthumbs.rb +17 -0
data/app/finders/timthumbs/known_locations.rb +56 -0
data/app/finders/users.rb +24 -0
data/app/finders/users/author_id_brute_forcing.rb +111 -0
data/app/finders/users/author_posts.rb +61 -0
data/app/finders/users/login_error_messages.rb +50 -0
data/app/finders/users/wp_json_api.rb +31 -0
data/app/finders/wp_items.rb +1 -0
data/app/finders/wp_items/urls_in_homepage.rb +68 -0
data/app/finders/wp_version.rb +34 -0
data/app/finders/wp_version/atom_generator.rb +40 -0
data/app/finders/wp_version/meta_generator.rb +27 -0
data/app/finders/wp_version/opml_generator.rb +23 -0
data/app/finders/wp_version/rdf_generator.rb +38 -0
data/app/finders/wp_version/readme.rb +28 -0
data/app/finders/wp_version/rss_generator.rb +43 -0
data/app/finders/wp_version/sitemap_generator.rb +23 -0
data/app/finders/wp_version/stylesheets.rb +55 -0
data/app/finders/wp_version/unique_fingerprinting.rb +64 -0
data/app/models.rb +10 -0
data/app/models/config_backup.rb +5 -0
data/app/models/interesting_finding.rb +6 -0
data/app/models/media.rb +5 -0
data/app/models/plugin.rb +25 -0
data/app/models/theme.rb +99 -0
data/app/models/timthumb.rb +74 -0
data/app/models/user.rb +31 -0
data/app/models/wp_item.rb +142 -0
data/app/models/wp_version.rb +49 -0
data/app/models/xml_rpc.rb +19 -0
data/app/views/cli/brute_force/error.erb +1 -0
data/app/views/cli/brute_force/found.erb +2 -0
data/app/views/cli/brute_force/users.erb +9 -0
data/app/views/cli/core/banner.erb +14 -0
data/app/views/cli/core/db_update_finished.erb +8 -0
data/app/views/cli/core/db_update_started.erb +1 -0
data/app/views/cli/core/not_fully_configured.erb +1 -0
data/app/views/cli/enumeration/config_backups.erb +11 -0
data/app/views/cli/enumeration/medias.erb +11 -0
data/app/views/cli/enumeration/plugins.erb +35 -0
data/app/views/cli/enumeration/themes.erb +11 -0
data/app/views/cli/enumeration/timthumbs.erb +18 -0
data/app/views/cli/enumeration/users.erb +11 -0
data/app/views/cli/finding.erb +32 -0
data/app/views/cli/info.erb +1 -0
data/app/views/cli/main_theme/theme.erb +6 -0
data/app/views/cli/notice.erb +1 -0
data/app/views/cli/theme.erb +64 -0
data/app/views/cli/usage.erb +3 -0
data/app/views/cli/vulnerability.erb +14 -0
data/app/views/cli/wp_version/version.erb +6 -0
data/app/views/json/brute_force/users.erb +10 -0
data/app/views/json/core/banner.erb +12 -0
data/app/views/json/core/db_update_finished.erb +2 -0
data/app/views/json/core/db_update_started.erb +1 -0
data/app/views/json/core/not_fully_configured.erb +1 -0
data/app/views/json/enumeration/config_backups.erb +10 -0
data/app/views/json/enumeration/medias.erb +10 -0
data/app/views/json/enumeration/plugins.erb +25 -0
data/app/views/json/enumeration/themes.erb +10 -0
data/app/views/json/enumeration/timthumbs.erb +19 -0
data/app/views/json/enumeration/users.erb +11 -0
data/app/views/json/finding.erb +26 -0
data/app/views/json/main_theme/theme.erb +7 -0
data/app/views/json/theme.erb +38 -0
data/app/views/json/wp_version/version.erb +8 -0
data/bin/wpscan +15 -0
data/coverage/assets/0.10.0/application.css +799 -0
data/coverage/assets/0.10.0/application.js +1707 -0
data/coverage/assets/0.10.0/colorbox/border.png +0 -0
data/coverage/assets/0.10.0/colorbox/controls.png +0 -0
data/coverage/assets/0.10.0/colorbox/loading.gif +0 -0
data/coverage/assets/0.10.0/colorbox/loading_background.png +0 -0
data/coverage/assets/0.10.0/favicon_green.png +0 -0
data/coverage/assets/0.10.0/favicon_red.png +0 -0
data/coverage/assets/0.10.0/favicon_yellow.png +0 -0
data/coverage/assets/0.10.0/loading.gif +0 -0
data/coverage/assets/0.10.0/magnify.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-bg_flat_0_aaaaaa_40x100.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-bg_flat_75_ffffff_40x100.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-bg_glass_55_fbf9ee_1x400.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-bg_glass_65_ffffff_1x400.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-bg_glass_75_dadada_1x400.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-bg_glass_75_e6e6e6_1x400.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-bg_glass_95_fef1ec_1x400.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-bg_highlight-soft_75_cccccc_1x100.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-icons_222222_256x240.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-icons_2e83ff_256x240.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-icons_454545_256x240.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-icons_888888_256x240.png +0 -0
data/coverage/assets/0.10.0/smoothness/images/ui-icons_cd0a0a_256x240.png +0 -0
data/coverage/index.html +27510 -0
data/lib/wpscan.rb +44 -0
data/lib/wpscan/browser.rb +16 -0
data/lib/wpscan/controller.rb +8 -0
data/lib/wpscan/controllers.rb +8 -0
data/lib/wpscan/db.rb +28 -0
data/lib/wpscan/db/dynamic_finders.rb +63 -0
data/lib/wpscan/db/plugin.rb +11 -0
data/lib/wpscan/db/plugins.rb +11 -0
data/lib/wpscan/db/schema.rb +39 -0
data/lib/wpscan/db/theme.rb +11 -0
data/lib/wpscan/db/themes.rb +11 -0
data/lib/wpscan/db/updater.rb +148 -0
data/lib/wpscan/db/wp_item.rb +18 -0
data/lib/wpscan/db/wp_items.rb +21 -0
data/lib/wpscan/db/wp_version.rb +11 -0
data/lib/wpscan/errors/http.rb +34 -0
data/lib/wpscan/errors/update.rb +8 -0
data/lib/wpscan/errors/wordpress.rb +22 -0
data/lib/wpscan/finders.rb +14 -0
data/lib/wpscan/finders/finder/plugin_version/comments.rb +25 -0
data/lib/wpscan/finders/finder/wp_version/smart_url_checker.rb +23 -0
data/lib/wpscan/helper.rb +6 -0
data/lib/wpscan/references.rb +31 -0
data/lib/wpscan/target.rb +81 -0
data/lib/wpscan/target/platform/wordpress.rb +74 -0
data/lib/wpscan/target/platform/wordpress/custom_directories.rb +93 -0
data/lib/wpscan/version.rb +4 -0
data/lib/wpscan/vulnerability.rb +25 -0
data/lib/wpscan/vulnerable.rb +10 -0
data/wpscan-v3.sublime-project +8 -0
data/wpscan-v3.sublime-workspace +895 -0
data/wpscan.gemspec +55 -0
metadata +419 -0

data/app/finders/interesting_findings/upload_sql_dump.rb ADDED

@@ -0,0 +1,28 @@
+module WPScan
+  module Finders
+    module InterestingFindings
+      # UploadSQLDump finder
+      class UploadSQLDump < CMSScanner::Finders::Finder
+        SQL_PATTERN = /(?:(?:(?:DROP|CREATE) TABLE)|INSERT INTO)/
+        # @return [ InterestingFinding ]
+        def aggressive(_opts = {})
+          url = dump_url
+          res = Browser.get(url)
+          return unless res.code == 200 && res.body =~ SQL_PATTERN
+          WPScan::InterestingFinding.new(
+            url,
+            confidence: 100,
+            found_by: DIRECT_ACCESS
+          )
+        end
+        def dump_url
+          target.url('wp-content/uploads/dump.sql')
+        end
+      end
+    end
+  end
+end

data/app/finders/main_theme.rb ADDED

@@ -0,0 +1,22 @@
+require_relative 'main_theme/css_style'
+require_relative 'main_theme/woo_framework_meta_generator'
+require_relative 'main_theme/urls_in_homepage'
+module WPScan
+  module Finders
+    module MainTheme
+      # Main Theme Finder
+      class Base
+        include CMSScanner::Finders::UniqueFinder
+        # @param [ WPScan::Target ] target
+        def initialize(target)
+          finders <<
+            MainTheme::CssStyle.new(target) <<
+            MainTheme::WooFrameworkMetaGenerator.new(target) <<
+            MainTheme::UrlsInHomepage.new(target)
+        end
+      end
+    end
+  end
+end

data/app/finders/main_theme/css_style.rb ADDED

@@ -0,0 +1,43 @@
+module WPScan
+  module Finders
+    module MainTheme
+      # From the css style
+      class CssStyle < CMSScanner::Finders::Finder
+        include Finders::WpItems::URLsInHomepage
+        def create_theme(name, style_url, opts)
+          WPScan::Theme.new(
+            name,
+            target,
+            opts.merge(found_by: found_by, confidence: 70, style_url: style_url)
+          )
+        end
+        def passive(opts = {})
+          passive_from_css_href(target.homepage_res, opts) || passive_from_style_code(target.homepage_res, opts)
+        end
+        def passive_from_css_href(res, opts)
+          target.in_scope_urls(res, '//style|//link') do |url|
+            next unless Addressable::URI.parse(url).path =~ %r{/themes/([^\/]+)/style.css\z}i
+            return create_theme(Regexp.last_match[1], url, opts)
+          end
+          nil
+        end
+        def passive_from_style_code(res, opts)
+          res.html.css('style').each do |tag|
+            code = tag.text.to_s
+            next if code.empty?
+            next unless code =~ %r{#{item_code_pattern('themes')}\\?/style\.css[^"'\( ]*}i
+            return create_theme(Regexp.last_match[1], Regexp.last_match[0].strip, opts)
+          end
+          nil
+        end
+      end
+    end
+  end
+end

data/app/finders/main_theme/urls_in_homepage.rb ADDED

@@ -0,0 +1,25 @@
+module WPScan
+  module Finders
+    module MainTheme
+      # URLs In Homepage Finder
+      class UrlsInHomepage < CMSScanner::Finders::Finder
+        include WpItems::URLsInHomepage
+        # @param [ Hash ] opts
+        #
+        # @return [ Array<Theme> ]
+        def passive(opts = {})
+          found = []
+          names = items_from_links('themes', false) + items_from_codes('themes', false)
+          names.each_with_object(Hash.new(0)) { |name, counts| counts[name] += 1 }.each do |name, occurences|
+            found << WPScan::Theme.new(name, target, opts.merge(found_by: found_by, confidence: 2 * occurences))
+          end
+          found
+        end
+      end
+    end
+  end
+end

data/app/finders/main_theme/woo_framework_meta_generator.rb ADDED

@@ -0,0 +1,22 @@
+module WPScan
+  module Finders
+    module MainTheme
+      # From the WooFramework meta generators
+      class WooFrameworkMetaGenerator < CMSScanner::Finders::Finder
+        THEME_PATTERN     = %r{<meta name="generator" content="([^\s"]+)\s?([^"]+)?"\s+/?>}
+        FRAMEWORK_PATTERN = %r{<meta name="generator" content="WooFramework\s?([^"]+)?"\s+/?>}
+        PATTERN           = /#{THEME_PATTERN}\s+#{FRAMEWORK_PATTERN}/i
+        def passive(opts = {})
+          return unless target.homepage_res.body =~ PATTERN
+          WPScan::Theme.new(
+            Regexp.last_match[1],
+            target,
+            opts.merge(found_by: found_by, confidence: 80)
+          )
+        end
+      end
+    end
+  end
+end

data/app/finders/medias.rb ADDED

@@ -0,0 +1,17 @@
+require_relative 'medias/attachment_brute_forcing'
+module WPScan
+  module Finders
+    module Medias
+      # Medias Finder
+      class Base
+        include CMSScanner::Finders::SameTypeFinder
+        # @param [ WPScan::Target ] target
+        def initialize(target)
+          finders << Medias::AttachmentBruteForcing.new(target)
+        end
+      end
+    end
+  end
+end

data/app/finders/medias/attachment_brute_forcing.rb ADDED

@@ -0,0 +1,44 @@
+module WPScan
+  module Finders
+    module Medias
+      # Medias Finder
+      class AttachmentBruteForcing < CMSScanner::Finders::Finder
+        include CMSScanner::Finders::Finder::Enumerator
+        # @param [ Hash ] opts
+        # @option opts [ Range ] :range Mandatory
+        #
+        # @return [ Array<Media> ]
+        def aggressive(opts = {})
+          found = []
+          enumerate(target_urls(opts), opts) do |res|
+            next unless res.code == 200
+            found << WPScan::Media.new(res.effective_url, opts.merge(found_by: found_by, confidence: 100))
+          end
+          found
+        end
+        # @param [ Hash ] opts
+        # @option opts [ Range ] :range Mandatory
+        #
+        # @return [ Hash ]
+        def target_urls(opts = {})
+          urls = {}
+          opts[:range].each do |id|
+            urls[target.uri.join("?attachment_id=#{id}").to_s] = id
+          end
+          urls
+        end
+        def create_progress_bar(opts = {})
+          super(opts.merge(title: ' Brute Forcing Attachment Ids -'))
+        end
+      end
+    end
+  end
+end

data/app/finders/plugin_version.rb ADDED

@@ -0,0 +1,44 @@
+require_relative 'plugin_version/readme'
+# Plugins Specific
+require_relative 'plugin_version/layer_slider/translation_file'
+require_relative 'plugin_version/revslider/release_log'
+require_relative 'plugin_version/sitepress_multilingual_cms/version_parameter'
+require_relative 'plugin_version/sitepress_multilingual_cms/meta_generator'
+require_relative 'plugin_version/w3_total_cache/headers'
+module WPScan
+  module Finders
+    module PluginVersion
+      # Plugin Version Finder
+      class Base
+        include CMSScanner::Finders::UniqueFinder
+        # @param [ WPScan::Plugin ] plugin
+        def initialize(plugin)
+          finders << PluginVersion::Readme.new(plugin)
+          load_specific_finders(plugin)
+        end
+        # Load the finders associated with the plugin
+        #
+        # @param [ WPScan::Plugin ] plugin
+        def load_specific_finders(plugin)
+          module_name = plugin.classify_name.to_sym
+          return unless Finders::PluginVersion.constants.include?(module_name)
+          mod = Finders::PluginVersion.const_get(module_name)
+          mod.constants.each do |constant|
+            c = mod.const_get(constant)
+            next unless c.is_a?(Class)
+            finders << c.new(plugin)
+          end
+        end
+      end
+    end
+  end
+end

data/app/finders/plugin_version/layer_slider/translation_file.rb ADDED

@@ -0,0 +1,40 @@
+module WPScan
+  module Finders
+    module PluginVersion
+      module LayerSlider
+        # Version from a Translation file
+        #
+        # See https://github.com/wpscanteam/wpscan/issues/765
+        class TranslationFile < CMSScanner::Finders::Finder
+          # @param [ Hash ] opts
+          #
+          # @return [ Version ]
+          def aggressive(_opts = {})
+            potential_urls.each do |url|
+              res = Browser.get(url)
+              next unless res.code == 200 && res.body =~ /Project-Id-Version: LayerSlider WP v?([0-9\.][^\\\s]+)/
+              return WPScan::Version.new(
+                Regexp.last_match[1],
+                found_by: 'Translation File (Aggressive Detection)',
+                confidence: 90,
+                interesting_entries: ["#{url}, Match: '#{Regexp.last_match}'"]
+              )
+            end
+            nil
+          end
+          # @return [ Array<String> ] The potential URLs where the version is disclosed
+          def potential_urls
+            # Recent versions seem to use the 'locales' directory instead of the 'languages' one.
+            # Maybe also check other locales ?
+            %w(locales languages).reduce([]) do |a, e|
+              a << target.url("#{e}/LayerSlider-en_US.po")
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/app/finders/plugin_version/readme.rb ADDED

@@ -0,0 +1,79 @@
+module WPScan
+  module Finders
+    module PluginVersion
+      # Plugin Version Finder from the readme.txt file
+      class Readme < CMSScanner::Finders::Finder
+        # @return [ Version ]
+        def aggressive(_opts = {})
+          found_by_msg = 'Readme - %s (Aggressive Detection)'
+          WPScan::WpItem::READMES.each do |file|
+            url = target.url(file)
+            res = Browser.get(url)
+            next unless res.code == 200 && !(numbers = version_numbers(res.body)).empty?
+            return numbers.reduce([]) do |a, e|
+              a << WPScan::Version.new(
+                e[0],
+                found_by: format(found_by_msg, e[1]),
+                confidence: e[2],
+                interesting_entries: [url]
+              )
+            end
+          end
+          nil
+        end
+        # @return [ Array<String, String, Integer> ] number, found_by, confidence
+        def version_numbers(body)
+          numbers = []
+          if (number = from_stable_tag(body))
+            numbers << [number, 'Stable Tag', 80]
+          end
+          if (number = from_changelog_section(body))
+            numbers << [number, 'ChangeLog Section', 50]
+          end
+          numbers
+        end
+        # @param [ String ] body
+        #
+        # @return [ String, nil ] The version number detected from the stable tag
+        def from_stable_tag(body)
+          return unless body =~ /\b(?:stable tag|version):\s*(?!trunk)([0-9a-z\.-]+)/i
+          number = Regexp.last_match[1]
+          number if number =~ /[0-9]+/
+        end
+        # @param [ String ] body
+        #
+        # @return [ String, nil ] The best version number detected from the changelog section
+        def from_changelog_section(body)
+          extracted_versions = body.scan(%r{[=]+\s+(?:v(?:ersion)?\s*)?([0-9\.-]+)[ \ta-z0-9\(\)\.\-\/]*[=]+}i)
+          return if extracted_versions.nil? || extracted_versions.empty?
+          extracted_versions.flatten!
+          # must contain at least one number
+          extracted_versions = extracted_versions.select { |x| x =~ /[0-9]+/ }
+          sorted = extracted_versions.sort do |x, y|
+            begin
+              Gem::Version.new(x) <=> Gem::Version.new(y)
+            rescue
+              0
+            end
+          end
+          sorted.last
+        end
+      end
+    end
+  end
+end

data/app/finders/plugin_version/revslider/release_log.rb ADDED

@@ -0,0 +1,35 @@
+module WPScan
+  module Finders
+    module PluginVersion
+      module Revslider
+        # Version from the release_log.html
+        #
+        # See https://github.com/wpscanteam/wpscan/issues/817
+        class ReleaseLog < CMSScanner::Finders::Finder
+          # @param [ Hash ] opts
+          #
+          # @return [ Version ]
+          def aggressive(_opts = {})
+            res = Browser.get(release_log_url)
+            res.html.css('h3.version-number:first').each do |node|
+              next unless node.text =~ /\AVersion ([0-9\.]+).*\z/i
+              return WPScan::Version.new(
+                Regexp.last_match[1],
+                found_by: found_by,
+                confidence: 90,
+                interesting_entries: ["#{release_log_url}, Match: '#{Regexp.last_match}'"]
+              )
+            end
+            nil
+          end
+          def release_log_url
+            target.url('release_log.html')
+          end
+        end
+      end
+    end
+  end
+end

data/app/finders/plugin_version/sitepress_multilingual_cms/meta_generator.rb ADDED

@@ -0,0 +1,27 @@
+module WPScan
+  module Finders
+    module PluginVersion
+      module SitepressMultilingualCms
+        # Version from the meta generator
+        class MetaGenerator < CMSScanner::Finders::Finder
+          # @param [ Hash ] opts
+          #
+          # @return [ Version ]
+          def passive(_opts = {})
+            target.target.homepage_res.html.css('meta[name="generator"]').each do |node|
+              next unless node['content'] =~ /\AWPML\sver:([0-9\.]+)\sstt/i
+              return WPScan::Version.new(
+                Regexp.last_match(1),
+                found_by: 'Meta Generator (Passive detection)',
+                confidence: 50,
+                interesting_entries: ["#{target.target.url}, Match: '#{node}'"]
+              )
+            end
+            nil
+          end
+        end
+      end
+    end
+  end
+end

data/app/finders/plugin_version/sitepress_multilingual_cms/version_parameter.rb ADDED

@@ -0,0 +1,31 @@
+module WPScan
+  module Finders
+    module PluginVersion
+      module SitepressMultilingualCms
+        # Version from the v parameter in href / src of stylesheets / scripts
+        class VersionParameter < CMSScanner::Finders::Finder
+          # @param [ Hash ] opts
+          #
+          # @return [ Version ]
+          def passive(_opts = {})
+            pattern = %r{#{Regexp.escape(target.target.plugins_dir)}/sitepress-multilingual-cms/}i
+            target.target.in_scope_urls(target.target.homepage_res, '//link|//script') do |url|
+              uri = Addressable::URI.parse(url)
+              next unless uri.path =~ pattern && uri.query =~ /v=([0-9\.]+)/
+              return WPScan::Version.new(
+                Regexp.last_match[1],
+                found_by: found_by,
+                confidence: 50,
+                interesting_entries: [url]
+              )
+            end
+            nil
+          end
+        end
+      end
+    end
+  end
+end