wpscan 3.8.3 → 3.8.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/password_attack.rb +2 -2
  3. data/app/models/theme.rb +1 -1
  4. data/lib/wpscan/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 658d14ca9901acb16c2da34ed977e5ad75296c4c8aba3e66ba897ffb5dd55f86
4
- data.tar.gz: 788c5a27c5bf10dba5b35e977c3efdfafca97944485cf605f03e34faf65ae68b
3
+ metadata.gz: 6874e488eedc61ce59fd7f285a5a0f92037dc26b2c61d3c99071108888836753
4
+ data.tar.gz: 2ebdafbc40f8289567ed0cfea3a75f2e32efa2af2da843a60232da2d14fbdf5c
5
5
  SHA512:
6
- metadata.gz: be04200a71b1d710d47e0a8be2b914731803a48c94a8da7bfa1ad777de8f1e103fe9ac785589d70ca905c389c369bd4567118bae6d3585f88f7bf12c52c053af
7
- data.tar.gz: 42f54d70d4aea2433c5b619abb5c516e731f7cfefafe9d4e0d8876956eb8470012e211b826c4790b1c7144ff091431906597b2e2a7c1cd63f25b07ab87013caf
6
+ metadata.gz: 3d811df1f9d9bce85806cd384098d60ba99660979b9c4d9bdec256fac0bcbb6da33329303e1b9c577e61946b7e639a56bd3b6c520e9c4fa911bd60724d004777
7
+ data.tar.gz: 8bba285823138ffbd3f5050c4eab699938076ff7e1805d07ccf62e8d6cf3dd2acb64be3931e1ba98201ed5494f13abfaece130b2b2d8a29d447d6fc88f1f2125
data/app/controllers/password_attack.rb CHANGED
@@ -88,8 +88,8 @@ module WPScan
88
88
  def xmlrpc_get_users_blogs_enabled?
89
89
  if xmlrpc&.enabled? &&
90
90
  xmlrpc.available_methods.include?('wp.getUsersBlogs') &&
91
- xmlrpc.method_call('wp.getUsersBlogs', [SecureRandom.hex[0, 6], SecureRandom.hex[0, 4]])
92
- .run.body !~ /XML-RPC services are disabled/
91
+ !xmlrpc.method_call('wp.getUsersBlogs', [SecureRandom.hex[0, 6], SecureRandom.hex[0, 4]])
92
+ .run.body.match?(/>\s*405\s*</)
93
93
 
94
94
  true
95
95
  else
data/app/models/theme.rb CHANGED
@@ -101,7 +101,7 @@ module WPScan
101
101
  #
102
102
  # @return [ String ]
103
103
  def parse_style_tag(body, tag)
104
- value = body[/#{Regexp.escape(tag)}:[\t ]*([^\r\n*]+)/i, 1]
104
+ value = body[/\b#{Regexp.escape(tag)}:[\t ]*([^\r\n*]+)/, 1]
105
105
 
106
106
  value && !value.strip.empty? ? value.strip : nil
107
107
  end
data/lib/wpscan/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  # Version
4
4
  module WPScan
5
- VERSION = '3.8.3'
5
+ VERSION = '3.8.4'
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: wpscan
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.8.3
4
+ version: 3.8.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-17 00:00:00.000000000 Z
11
+ date: 2020-07-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: cms_scanner