WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]
wp-content
detected from links in homepage - Ref #1412wp-content
location is now checked regardless of the detection mode choose, if the directory could not be detected passively--scope
optionwp-content
folder in some cases - Ref #1411--plugins-threshold
and --themes-threshold
CLI options moved to the advanced section of the help (--hh
) - Ref #1399sitepress-multilingual-cms
DF causing False Positive - Ref #1386--disable-tls-checks
now tries to downgrade to TLSv1 to avoid SSL errors - Ref #1380Fixed unhandled error when performing password attack against wp-login.php and a 302 response only contained one cookie - Ref #1378