WPScan: v3.5.3

04/26/2019 11:31 am

WPScan: v3.5.3

WPScan 3.5.3 – New Features & Fixes

  • Detection of wp-content:
    • Default wp-content is now checked directly (depends on detection-mode) while not detected via the homepage passively
    • Scope supplied is now considered when checking for the wp-content
    • content attribute of meta tags are now checked
    • Improvement of the detection from raw JS code
  • When enumerating plugins and themes, 301 are now ignored – Was causing more False Positive than False Negative
  • Wildcards in --scope, such as --scope *.cdn.org properly processed
  • Some Error Messages have been reworked
  • Detection of WordPress hosted blogs improved
  • Object allocations of Addressable::URI reduced by 50%