WPScan 3.5.3 – New Features & Fixes
- Detection of wp-content:
- Default wp-content is now checked directly (depends on detection-mode) while not detected via the homepage passively
- Scope supplied is now considered when checking for the wp-content
content
attribute of meta tags are now checked- Improvement of the detection from raw JS code
- When enumerating plugins and themes, 301 are now ignored – Was causing more False Positive than False Negative
- Wildcards in
--scope
, such as--scope *.cdn.org
properly processed - Some Error Messages have been reworked
- Detection of WordPress hosted blogs improved
- Object allocations of Addressable::URI reduced by 50%
Directly related posts: