Releases: wpscanteam/wpscan
Releases · wpscanteam/wpscan
v3.7.10
- Message added to error raised when there is a checksum mismatch during update, asking the user to try again in a few minute.
- Fixes non detection of plugins/themes when the main 404 is a redirection and the plugins/themes checked return empty 200 responses
- API Token can now be loaded from the ENV variable
WPSCAN_API_TOKEN
if present.
v3.7.9
- Avoid sending irrelevant request params (such as cookies and headers) when updating and checking VulnAPI - Ref #1451
- Target IP address added to output - Ref #1088
- Time to detect non WP sites greatly reduced when there are a lot of links in the homepage.
- Passive scanning time reduced when there are a lot of links in the homepage.
v3.7.8
v3.7.7
v3.7.6
v3.7.5
v3.7.4
- Fixed Incorrect
wp-content
detected from links in homepage - Ref #1412 - Fixed exception raised by old version of activesupport in some cases - Ref #1419
- WPScan can now run on Windows, thanks @Reelix - Ref wpscanteam/CMSScanner#114
- Adds detection of WP, Plugins, Themes, Main Themes and their versions from 404
v3.7.3
- Fixed Incorrect parsing of theme data when new lines before/after comments were stripped from the CSS file - Ref #1404
- Improved passive detection of WordPress
- Default
wp-content
location is now checked regardless of the detection mode choose, if the directory could not be detected passively - Fixed empty username returned in some cases when detected via Author ID brute forcing.
- Fixed an issue where some plugins/themes were not detected when using he
--scope
option - Fixed incorrect detection of the
wp-content
folder in some cases - Ref #1411