Wpscan Versions Save

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

v3.8.25

6 months ago

What's Changed

Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/wpscanteam/wpscan/pull/1798
Update webmock requirement from ~> 3.18.1 to ~> 3.19.1 by @dependabot in https://github.com/wpscanteam/wpscan/pull/1797
Bump docker/login-action from 2.1.0 to 2.2.0 by @dependabot in https://github.com/wpscanteam/wpscan/pull/1785

Full Changelog: https://github.com/wpscanteam/wpscan/compare/v3.8.24...v3.8.25

v3.8.24

10 months ago

This is a management release to ensure that the gem is properly pushed to the rubygems channel, as this has failed with the last tagged release. No functionality has changed since v3.8.23.

v3.8.23

10 months ago

Minor:
- Updated --password-attack help text to mentions that xmlrpc multi call attack will only work against WP < 4.4 - Ref #1755
- Fixed a small bug where the API calls would fail when both a proxy with authentication and an API token were used at the same time - ref #1783

v3.8.22

2 years ago

See https://github.com/wpscanteam/CMSScanner/releases/tag/v0.13.8

Minor:
- Better handling of redirection, ie when target http->https (or the opposite), the target URL will be changed to the new one automatically to avoid scanning the http version and getting 301 which could result in items being missed
- Better handling of unsupported HEAD method by checking for 501 and timeout as well

v3.8.21

2 years ago

Minor
- Improved plugin version detection via changelog section in the Readme - Ref #1692
- Fixed deprecation warnings - Ref #1709

v3.8.20

2 years ago

Minor:
- Added patch for Homebrew

v3.8.19

2 years ago

Minor:
- New version for updated dependencies

v3.8.18

2 years ago

Minor:
- Fixed incorrect generation of DB Export locations when the target is an IP address - Ref #1638
- Added subdomain in DB Backup files checked - Ref #1642
- Updated WP Version output to handle future status such as latest-in-branch - Ref #1649
- Fixed a crash when psych >= 4.0.0 was installed on the system running WPScan - Ref #1646

v3.8.17

3 years ago

Minor:
- When checking the full response during Enumeration, valid_response_codes are now also considered
- --exclude-usernames option added

v3.8.16

3 years ago

Minor:
- introduced_in field returned by the API is now handled
- Fixed Incorrect required long option value when an error is raised - Ref https://github.com/wpscanteam/OptParseValidator/issues/84