Search the Community
Showing results for tags 'v3.5.3'.
-
Introduction WPScan is a free and automated black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. You can use it to remotely scan WordPress installations, to find vulnerabilities within the core version, plugins, and themes. It’s maintained by the WPScan Team. Improvements: Detection of wp-content: Default wp-content is now checked directly (depends on detection-mode) while not detected via the homepage passively Scope supplied is now considered when checking for the wp-content – #1278 content attribute of meta tags are now checked Improvement of the detection from raw JS code When enumerating plugins and themes, 301 are now ignored – Was causing more False Positive than False Negative Wildcards in --scope, such as --scope *.cdn.org properly processed Some Error Messages have been reworked – #1335 Detection of WordPress hosted blogs improved Object allocations of Addressable::URI reduced by 50% [HIDE][Hidden Content]]