wpscan 3.8.8 → 3.8.13
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE +1 -1
- data/README.md +2 -2
- data/app/controllers/core.rb +2 -2
- data/app/controllers/password_attack.rb +2 -1
- data/app/controllers/vuln_api.rb +5 -2
- data/app/finders/interesting_findings.rb +2 -1
- data/app/finders/interesting_findings/php_disabled.rb +21 -0
- data/app/models/interesting_finding.rb +14 -0
- data/app/views/cli/vuln_api/status.erb +3 -3
- data/app/views/json/vuln_api/status.erb +1 -1
- data/lib/wpscan/browser.rb +1 -1
- data/lib/wpscan/db/vuln_api.rb +5 -3
- data/lib/wpscan/references.rb +1 -1
- data/lib/wpscan/target/platform/wordpress.rb +10 -9
- data/lib/wpscan/typhoeus/response.rb +2 -1
- data/lib/wpscan/version.rb +1 -1
- metadata +19 -18
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1b15205abaabe9c5d311ec5cbb471948a4c385f56bf22166800abecfa071b57a
|
|
4
|
+
data.tar.gz: f97caad190b0ceff2a35338989f701363fc33bf3ebdf65b722043b03656ac7fd
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b77be4cc33ec3c6c7f34cf4a89cd2528dd6f0dd8dde66352f10a96ec085a760282343401e1e75d7247a2e8671257e63894752cf0174025524e0702ed8e890cab
|
|
7
|
+
data.tar.gz: 801bf830858b01d41c819cd2ebb55b9927b429be71ef661895fde00afe3e1fd2823cc70034d30769842942d173579a363c49dea295873a98f5c95d7c0d00a88f
|
data/LICENSE
CHANGED
|
@@ -27,7 +27,7 @@ Example cases which do not require a commercial license, and thus fall under the
|
|
|
27
27
|
- Using WPScan to test your own systems.
|
|
28
28
|
- Any non-commercial use of WPScan.
|
|
29
29
|
|
|
30
|
-
If you need to purchase a commercial license or are unsure whether you need to purchase a commercial license contact us -
|
|
30
|
+
If you need to purchase a commercial license or are unsure whether you need to purchase a commercial license contact us - contact@wpscan.com.
|
|
31
31
|
|
|
32
32
|
Free-use Terms and Conditions;
|
|
33
33
|
|
data/README.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<p align="center">
|
|
2
|
-
<a href="https://wpscan.
|
|
2
|
+
<a href="https://wpscan.com/">
|
|
3
3
|
<img src="https://raw.githubusercontent.com/wpscanteam/wpscan/gh-pages/images/wpscan_logo.png" alt="WPScan logo">
|
|
4
4
|
</a>
|
|
5
5
|
</p>
|
|
@@ -176,7 +176,7 @@ Example cases which do not require a commercial license, and thus fall under the
|
|
|
176
176
|
- Using WPScan to test your own systems.
|
|
177
177
|
- Any non-commercial use of WPScan.
|
|
178
178
|
|
|
179
|
-
If you need to purchase a commercial license or are unsure whether you need to purchase a commercial license contact us -
|
|
179
|
+
If you need to purchase a commercial license or are unsure whether you need to purchase a commercial license contact us - contact@wpscan.com.
|
|
180
180
|
|
|
181
181
|
Free-use Terms and Conditions;
|
|
182
182
|
|
data/app/controllers/core.rb
CHANGED
|
@@ -8,13 +8,13 @@ module WPScan
|
|
|
8
8
|
def cli_options
|
|
9
9
|
[OptURL.new(['--url URL', 'The URL of the blog to scan'],
|
|
10
10
|
required_unless: %i[update help hh version], default_protocol: 'http')] +
|
|
11
|
-
super.drop(
|
|
11
|
+
super.drop(2) + # delete the --url and --force from CMSScanner
|
|
12
12
|
[
|
|
13
13
|
OptChoice.new(['--server SERVER', 'Force the supplied server module to be loaded'],
|
|
14
14
|
choices: %w[apache iis nginx],
|
|
15
15
|
normalize: %i[downcase to_sym],
|
|
16
16
|
advanced: true),
|
|
17
|
-
OptBoolean.new(['--force', 'Do not check if the target is running WordPress']),
|
|
17
|
+
OptBoolean.new(['--force', 'Do not check if the target is running WordPress or returns a 403']),
|
|
18
18
|
OptBoolean.new(['--[no-]update', 'Whether or not to update the Database'])
|
|
19
19
|
]
|
|
20
20
|
end
|
|
@@ -19,7 +19,8 @@ module WPScan
|
|
|
19
19
|
OptChoice.new(['--password-attack ATTACK',
|
|
20
20
|
'Force the supplied attack to be used rather than automatically determining one.'],
|
|
21
21
|
choices: %w[wp-login xmlrpc xmlrpc-multicall],
|
|
22
|
-
normalize: %i[downcase underscore to_sym])
|
|
22
|
+
normalize: %i[downcase underscore to_sym]),
|
|
23
|
+
OptString.new(['--login-uri URI', 'The URI of the login page if different from /wp-login.php'])
|
|
23
24
|
]
|
|
24
25
|
end
|
|
25
26
|
|
data/app/controllers/vuln_api.rb
CHANGED
|
@@ -8,7 +8,10 @@ module WPScan
|
|
|
8
8
|
|
|
9
9
|
def cli_options
|
|
10
10
|
[
|
|
11
|
-
OptString.new(
|
|
11
|
+
OptString.new(
|
|
12
|
+
['--api-token TOKEN',
|
|
13
|
+
'The WPScan API Token to display vulnerability data, available at https://wpscan.com/profile']
|
|
14
|
+
)
|
|
12
15
|
]
|
|
13
16
|
end
|
|
14
17
|
|
|
@@ -19,7 +22,7 @@ module WPScan
|
|
|
19
22
|
|
|
20
23
|
api_status = DB::VulnApi.status
|
|
21
24
|
|
|
22
|
-
raise Error::InvalidApiToken if api_status['
|
|
25
|
+
raise Error::InvalidApiToken if api_status['status'] == 'forbidden'
|
|
23
26
|
raise Error::ApiLimitReached if api_status['requests_remaining'] == 0
|
|
24
27
|
raise api_status['http_error'] if api_status['http_error']
|
|
25
28
|
end
|
|
@@ -6,6 +6,7 @@ require_relative 'interesting_findings/multisite'
|
|
|
6
6
|
require_relative 'interesting_findings/debug_log'
|
|
7
7
|
require_relative 'interesting_findings/backup_db'
|
|
8
8
|
require_relative 'interesting_findings/mu_plugins'
|
|
9
|
+
require_relative 'interesting_findings/php_disabled'
|
|
9
10
|
require_relative 'interesting_findings/registration'
|
|
10
11
|
require_relative 'interesting_findings/tmm_db_migrate'
|
|
11
12
|
require_relative 'interesting_findings/upload_sql_dump'
|
|
@@ -26,7 +27,7 @@ module WPScan
|
|
|
26
27
|
%w[
|
|
27
28
|
Readme DebugLog FullPathDisclosure BackupDB DuplicatorInstallerLog
|
|
28
29
|
Multisite MuPlugins Registration UploadDirectoryListing TmmDbMigrate
|
|
29
|
-
UploadSQLDump EmergencyPwdResetScript WPCron
|
|
30
|
+
UploadSQLDump EmergencyPwdResetScript WPCron PHPDisabled
|
|
30
31
|
].each do |f|
|
|
31
32
|
finders << InterestingFindings.const_get(f).new(target)
|
|
32
33
|
end
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module WPScan
|
|
4
|
+
module Finders
|
|
5
|
+
module InterestingFindings
|
|
6
|
+
# See https://github.com/wpscanteam/wpscan/issues/1593
|
|
7
|
+
class PHPDisabled < CMSScanner::Finders::Finder
|
|
8
|
+
PATTERN = /\$wp_version =/.freeze
|
|
9
|
+
|
|
10
|
+
# @return [ InterestingFinding ]
|
|
11
|
+
def aggressive(_opts = {})
|
|
12
|
+
path = 'wp-includes/version.php'
|
|
13
|
+
|
|
14
|
+
return unless PATTERN.match?(target.head_and_get(path).body)
|
|
15
|
+
|
|
16
|
+
Model::PHPDisabled.new(target.url(path), confidence: 100, found_by: DIRECT_ACCESS)
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -132,5 +132,19 @@ module WPScan
|
|
|
132
132
|
}
|
|
133
133
|
end
|
|
134
134
|
end
|
|
135
|
+
|
|
136
|
+
class PHPDisabled < InterestingFinding
|
|
137
|
+
# @return [ String ]
|
|
138
|
+
def to_s
|
|
139
|
+
@to_s ||= 'PHP seems to be disabled'
|
|
140
|
+
end
|
|
141
|
+
|
|
142
|
+
# @return [ Hash ]
|
|
143
|
+
def references
|
|
144
|
+
@references ||= {
|
|
145
|
+
url: ['https://github.com/wpscanteam/wpscan/issues/1593']
|
|
146
|
+
}
|
|
147
|
+
end
|
|
148
|
+
end
|
|
135
149
|
end
|
|
136
150
|
end
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
<% unless @status.empty? -%>
|
|
2
2
|
<% if @status['http_error'] -%>
|
|
3
|
-
<%= critical_icon %>
|
|
3
|
+
<%= critical_icon %> WPScan DB API, <%= @status['http_error'].to_s %>
|
|
4
4
|
<% else -%>
|
|
5
|
-
<%= info_icon %>
|
|
5
|
+
<%= info_icon %> WPScan DB API OK
|
|
6
6
|
| Plan: <%= @status['plan'] %>
|
|
7
7
|
| Requests Done (during the scan): <%= @api_requests %>
|
|
8
8
|
| Requests Remaining: <%= @status['requests_remaining'] %>
|
|
9
9
|
<% end -%>
|
|
10
10
|
<% else -%>
|
|
11
|
-
<%= warning_icon %> No
|
|
11
|
+
<%= warning_icon %> No WPScan API Token given, as a result vulnerability data has not been output.
|
|
12
12
|
<%= warning_icon %> You can get a free API token with 50 daily requests by registering at https://wpscan.com/register
|
|
13
13
|
<% end -%>
|
|
@@ -8,6 +8,6 @@
|
|
|
8
8
|
"requests_remaining": <%= @status['requests_remaining'].to_json %>
|
|
9
9
|
<% end -%>
|
|
10
10
|
<% else -%>
|
|
11
|
-
"error": "No
|
|
11
|
+
"error": "No WPScan API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpscan.com/register"
|
|
12
12
|
<% end -%>
|
|
13
13
|
},
|
data/lib/wpscan/browser.rb
CHANGED
data/lib/wpscan/db/vuln_api.rb
CHANGED
|
@@ -4,7 +4,7 @@ module WPScan
|
|
|
4
4
|
module DB
|
|
5
5
|
# WPVulnDB API
|
|
6
6
|
class VulnApi
|
|
7
|
-
NON_ERROR_CODES = [200,
|
|
7
|
+
NON_ERROR_CODES = [200, 403].freeze
|
|
8
8
|
|
|
9
9
|
class << self
|
|
10
10
|
attr_accessor :token
|
|
@@ -26,7 +26,7 @@ module WPScan
|
|
|
26
26
|
# Typhoeus.get is used rather than Browser.get to avoid merging irrelevant params from the CLI
|
|
27
27
|
res = Typhoeus.get(uri.join(path), default_request_params.merge(params))
|
|
28
28
|
|
|
29
|
-
return {} if res.code == 404
|
|
29
|
+
return {} if res.code == 404 || res.code == 429
|
|
30
30
|
return JSON.parse(res.body) if NON_ERROR_CODES.include?(res.code)
|
|
31
31
|
|
|
32
32
|
raise Error::HTTP, res
|
|
@@ -34,6 +34,8 @@ module WPScan
|
|
|
34
34
|
retries ||= 0
|
|
35
35
|
|
|
36
36
|
if (retries += 1) <= 3
|
|
37
|
+
@default_request_params[:headers]['X-Retry'] = retries
|
|
38
|
+
|
|
37
39
|
sleep(1)
|
|
38
40
|
retry
|
|
39
41
|
end
|
|
@@ -68,7 +70,7 @@ module WPScan
|
|
|
68
70
|
# @return [ Hash ]
|
|
69
71
|
# @note Those params can not be overriden by CLI options
|
|
70
72
|
def self.default_request_params
|
|
71
|
-
Browser.instance.default_connect_request_params.merge(
|
|
73
|
+
@default_request_params ||= Browser.instance.default_connect_request_params.merge(
|
|
72
74
|
headers: {
|
|
73
75
|
'User-Agent' => Browser.instance.default_user_agent,
|
|
74
76
|
'Authorization' => "Token token=#{token}"
|
data/lib/wpscan/references.rb
CHANGED
|
@@ -11,9 +11,10 @@ module WPScan
|
|
|
11
11
|
module WordPress
|
|
12
12
|
include CMSScanner::Target::Platform::PHP
|
|
13
13
|
|
|
14
|
-
WORDPRESS_PATTERN
|
|
15
|
-
|
|
16
|
-
|
|
14
|
+
WORDPRESS_PATTERN = %r{/(?:(?:wp-content/(?:themes|(?:mu-)?plugins|uploads))|wp-includes)/}i.freeze
|
|
15
|
+
WORDPRESS_HOSTED_PATTERN = %r{https?://s\d\.wp\.com#{WORDPRESS_PATTERN}}i.freeze
|
|
16
|
+
WP_JSON_OEMBED_PATTERN = %r{/wp-json/oembed/}i.freeze
|
|
17
|
+
WP_ADMIN_AJAX_PATTERN = %r{\\?/wp-admin\\?/admin-ajax\.php}i.freeze
|
|
17
18
|
|
|
18
19
|
# These methods are used in the associated interesting_findings finders
|
|
19
20
|
# to keep the boolean state of the finding rather than re-check the whole thing again
|
|
@@ -103,11 +104,8 @@ module WPScan
|
|
|
103
104
|
return true if /\.wordpress\.com$/i.match?(uri.host)
|
|
104
105
|
|
|
105
106
|
unless content_dir
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
uris_from_page(homepage_res, xpath) do |uri|
|
|
110
|
-
return true if uri.to_s.match?(pattern)
|
|
107
|
+
uris_from_page(homepage_res, '(//@href|//@src)[contains(., "wp.com")]') do |uri|
|
|
108
|
+
return true if uri.to_s.match?(WORDPRESS_HOSTED_PATTERN)
|
|
111
109
|
end
|
|
112
110
|
end
|
|
113
111
|
|
|
@@ -139,11 +137,14 @@ module WPScan
|
|
|
139
137
|
# the first time the method is called, and the effective_url is then used
|
|
140
138
|
# if suitable, otherwise the default wp-login will be.
|
|
141
139
|
#
|
|
140
|
+
# If the login_uri CLI option has been provided, it will be returne w/o redirection check.
|
|
141
|
+
#
|
|
142
142
|
# @return [ String, false ] The URL to the login page or false if not detected
|
|
143
143
|
def login_url
|
|
144
144
|
return @login_url unless @login_url.nil?
|
|
145
|
+
return @login_url = url(ParsedCli.login_uri) if ParsedCli.login_uri
|
|
145
146
|
|
|
146
|
-
@login_url = url('wp-login.php')
|
|
147
|
+
@login_url = url('wp-login.php')
|
|
147
148
|
|
|
148
149
|
res = Browser.get_and_follow_location(@login_url)
|
|
149
150
|
|
|
@@ -7,7 +7,8 @@ module Typhoeus
|
|
|
7
7
|
#
|
|
8
8
|
# @return [ Boolean ]
|
|
9
9
|
def from_vuln_api?
|
|
10
|
-
effective_url.start_with?(WPScan::DB::VulnApi.uri.to_s) &&
|
|
10
|
+
effective_url.start_with?(WPScan::DB::VulnApi.uri.to_s) &&
|
|
11
|
+
!effective_url.start_with?(WPScan::DB::VulnApi.uri.join('status').to_s)
|
|
11
12
|
end
|
|
12
13
|
end
|
|
13
14
|
end
|
data/lib/wpscan/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: wpscan
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.8.
|
|
4
|
+
version: 3.8.13
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- WPScanTeam
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-01-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: cms_scanner
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.13.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.13.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: bundler
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -44,14 +44,14 @@ dependencies:
|
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: 0.
|
|
47
|
+
version: 1.0.0
|
|
48
48
|
type: :development
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: 0.
|
|
54
|
+
version: 1.0.0
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: rake
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -72,14 +72,14 @@ dependencies:
|
|
|
72
72
|
requirements:
|
|
73
73
|
- - "~>"
|
|
74
74
|
- !ruby/object:Gem::Version
|
|
75
|
-
version: 3.
|
|
75
|
+
version: 3.10.0
|
|
76
76
|
type: :development
|
|
77
77
|
prerelease: false
|
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
|
79
79
|
requirements:
|
|
80
80
|
- - "~>"
|
|
81
81
|
- !ruby/object:Gem::Version
|
|
82
|
-
version: 3.
|
|
82
|
+
version: 3.10.0
|
|
83
83
|
- !ruby/object:Gem::Dependency
|
|
84
84
|
name: rspec-its
|
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -100,42 +100,42 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version:
|
|
103
|
+
version: 1.8.0
|
|
104
104
|
type: :development
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version:
|
|
110
|
+
version: 1.8.0
|
|
111
111
|
- !ruby/object:Gem::Dependency
|
|
112
112
|
name: rubocop-performance
|
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 1.
|
|
117
|
+
version: 1.9.0
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 1.
|
|
124
|
+
version: 1.9.0
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: simplecov
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
|
128
128
|
requirements:
|
|
129
129
|
- - "~>"
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
|
-
version: 0.
|
|
131
|
+
version: 0.21.0
|
|
132
132
|
type: :development
|
|
133
133
|
prerelease: false
|
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
135
135
|
requirements:
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
|
-
version: 0.
|
|
138
|
+
version: 0.21.0
|
|
139
139
|
- !ruby/object:Gem::Dependency
|
|
140
140
|
name: simplecov-lcov
|
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -170,17 +170,17 @@ dependencies:
|
|
|
170
170
|
requirements:
|
|
171
171
|
- - "~>"
|
|
172
172
|
- !ruby/object:Gem::Version
|
|
173
|
-
version: 3.
|
|
173
|
+
version: 3.11.0
|
|
174
174
|
type: :development
|
|
175
175
|
prerelease: false
|
|
176
176
|
version_requirements: !ruby/object:Gem::Requirement
|
|
177
177
|
requirements:
|
|
178
178
|
- - "~>"
|
|
179
179
|
- !ruby/object:Gem::Version
|
|
180
|
-
version: 3.
|
|
180
|
+
version: 3.11.0
|
|
181
181
|
description: WPScan is a black box WordPress vulnerability scanner.
|
|
182
182
|
email:
|
|
183
|
-
-
|
|
183
|
+
- contact@wpscan.com
|
|
184
184
|
executables:
|
|
185
185
|
- wpscan
|
|
186
186
|
extensions: []
|
|
@@ -213,6 +213,7 @@ files:
|
|
|
213
213
|
- app/finders/interesting_findings/full_path_disclosure.rb
|
|
214
214
|
- app/finders/interesting_findings/mu_plugins.rb
|
|
215
215
|
- app/finders/interesting_findings/multisite.rb
|
|
216
|
+
- app/finders/interesting_findings/php_disabled.rb
|
|
216
217
|
- app/finders/interesting_findings/readme.rb
|
|
217
218
|
- app/finders/interesting_findings/registration.rb
|
|
218
219
|
- app/finders/interesting_findings/tmm_db_migrate.rb
|
|
@@ -377,7 +378,7 @@ files:
|
|
|
377
378
|
- lib/wpscan/version.rb
|
|
378
379
|
- lib/wpscan/vulnerability.rb
|
|
379
380
|
- lib/wpscan/vulnerable.rb
|
|
380
|
-
homepage: https://wpscan.
|
|
381
|
+
homepage: https://wpscan.com/wordpress-security-scanner
|
|
381
382
|
licenses:
|
|
382
383
|
- Dual
|
|
383
384
|
metadata: {}
|