From 0a73b21fab763e9fbb1e3c62dd99b035c393d6b7 Mon Sep 17 00:00:00 2001 From: Lai Power Date: Sun, 25 Jul 2021 23:25:13 +0000 Subject: [PATCH] updated plugin `WPScan` version 1.15.4 --- .../plugins/wpscan/app/Checks/System.php | 48 +--------- wp-content/plugins/wpscan/app/Plugin.php | 31 +++---- wp-content/plugins/wpscan/app/Report.php | 93 ++++++++++++++++--- wp-content/plugins/wpscan/app/Settings.php | 26 +++++- wp-content/plugins/wpscan/app/Summary.php | 8 +- .../wpscan/app/ignoreVulnerabilities.php | 8 +- .../plugins/wpscan/assets/css/style.css | 8 +- .../wpscan/assets/js/download-report.js | 45 +++++---- wp-content/plugins/wpscan/readme.txt | 14 ++- .../database-exports/check.php | 2 +- .../security-checks/debuglog-files/check.php | 2 +- .../wpscan/security-checks/https/check.php | 2 +- .../security-checks/secret-keys/check.php | 2 +- .../security-checks/version-control/check.php | 2 +- .../security-checks/weak-passwords/check.php | 2 +- .../wpconfig-backups/check.php | 2 +- .../security-checks/xmlrpc-enabled/check.php | 4 +- wp-content/plugins/wpscan/views/report.php | 83 +++++++++-------- wp-content/plugins/wpscan/wpscan.php | 2 +- 19 files changed, 228 insertions(+), 156 deletions(-) diff --git a/wp-content/plugins/wpscan/app/Checks/System.php b/wp-content/plugins/wpscan/app/Checks/System.php index 340fdc5d..e07dc083 100644 --- a/wp-content/plugins/wpscan/app/Checks/System.php +++ b/wp-content/plugins/wpscan/app/Checks/System.php @@ -24,6 +24,7 @@ class System { // Current running events. public $current_running = ''; + /** * A list of registered checks. * @@ -158,51 +159,12 @@ class System { } } - /** - * List vulnerabilities in the report. - * - * @param object $check - The check instance. - * - * @access public - * @return string - * @since 1.0.0 - * - */ - public function list_check_vulnerabilities( $instance ) { - $vulnerabilities = $instance->get_vulnerabilities(); - $count = $instance->get_vulnerabilities_count(); - $ignored = $this->parent->get_ignored_vulnerabilities(); - - $not_checked_text = __( 'Not checked yet. Click the Run button to run a scan', 'wpscan' ); - - if ( ! isset( $vulnerabilities ) ) { - echo esc_html( $not_checked_text ); - } elseif ( empty( $vulnerabilities ) || 0 === $count ) { - echo esc_html( $instance->success_message() ); - } else { - $list = array(); - - foreach ( $vulnerabilities as $item ) { - if ( in_array( $item['id'], $ignored, true ) ) { - continue; - } - - $html = "
"; - $html .= ""; - $html .= "" . esc_html( $item['severity'] ) .""; - $html .= ''; - $html .= "
" . wp_kses( $item['title'], array( 'a' => array( 'href' => array() ) ) ) . '
'; - $html .= "
Click here for further info
"; - $html .= '
'; - $list[] = $html; - } - - echo join( '
', $list ); - } - } - /** * Return vulnerabilities in the report. + * + * This is very similar, but subtly different to + * Report->list_security_check_vulnerabilities(). + * Should see if they could be merged. * * @param object $check - The check instance. * diff --git a/wp-content/plugins/wpscan/app/Plugin.php b/wp-content/plugins/wpscan/app/Plugin.php index d10dbebd..2a204dff 100644 --- a/wp-content/plugins/wpscan/app/Plugin.php +++ b/wp-content/plugins/wpscan/app/Plugin.php @@ -14,10 +14,11 @@ defined( 'ABSPATH' ) || exit; */ class Plugin { // Settings. - public $OPT_API_TOKEN = 'wpscan_api_token'; + public $OPT_API_TOKEN = 'wpscan_api_token'; public $OPT_SCANNING_INTERVAL = 'wpscan_scanning_interval'; - public $OPT_SCANNING_TIME = 'wpscan_scanning_time'; - public $OPT_IGNORE_ITEMS = 'wpscan_ignore_items'; + public $OPT_SCANNING_TIME = 'wpscan_scanning_time'; + public $OPT_IGNORE_ITEMS = 'wpscan_ignore_items'; + public $OPT_DISABLE_CHECKS = 'wpscan_disable_security_checks'; // Account. public $OPT_ACCOUNT_STATUS = 'wpscan_account_status'; @@ -52,9 +53,6 @@ class Plugin { // Plugin path. public $plugin_dir = ''; - // Plugin URI. - public $plugin_url = ''; - // Page. public $page_hook = 'toplevel_page_wpscan'; @@ -73,7 +71,6 @@ class Plugin { */ public function __construct() { $this->plugin_dir = trailingslashit( str_replace( '\\', '/', dirname( WPSCAN_PLUGIN_FILE ) ) ); - $this->plugin_url = site_url( str_replace( str_replace( '\\', '/', ABSPATH ), '', $this->plugin_dir ) ); // Languages. load_plugin_textdomain( 'wpscan', false, $this->plugin_dir . 'languages' ); @@ -387,7 +384,7 @@ class Plugin { $this->WPSCAN_ROLE, 'wpscan', array( $this->classes['report'], 'page' ), - $this->plugin_url . 'assets/svg/menu-icon.svg', + plugin_dir_url( dirname( __FILE__ ) ) . 'assets/svg/menu-icon.svg', null ); } @@ -554,18 +551,20 @@ class Plugin { } // Security checks. - $this->report['security-checks'] = array(); + if ( get_option( $this->OPT_DISABLE_CHECKS, array() ) !== '1' ) { + $this->report['security-checks'] = array(); - foreach ( $this->classes['checks/system']->checks as $id => $data ) { - $data['instance']->perform(); - $this->report['security-checks'][ $id ]['vulnerabilities'] = array(); + foreach ( $this->classes['checks/system']->checks as $id => $data ) { + $data['instance']->perform(); + $this->report['security-checks'][ $id ]['vulnerabilities'] = array(); - if ( $data['instance']->vulnerabilities ) { - $this->report['security-checks'][ $id ]['vulnerabilities'] = $data['instance']->get_vulnerabilities(); + if ( $data['instance']->vulnerabilities ) { + $this->report['security-checks'][ $id ]['vulnerabilities'] = $data['instance']->get_vulnerabilities(); - $this->maybe_fire_issue_found_action( 'security-check', $id, $this->report['security-checks'][ $id ] ); + $this->maybe_fire_issue_found_action( 'security-check', $id, $this->report['security-checks'][ $id ] ); + } } - } + } // Caching. $this->report['cache'] = strtotime( current_time( 'mysql' ) ); diff --git a/wp-content/plugins/wpscan/app/Report.php b/wp-content/plugins/wpscan/app/Report.php index b73553a5..d119b28b 100644 --- a/wp-content/plugins/wpscan/app/Report.php +++ b/wp-content/plugins/wpscan/app/Report.php @@ -63,6 +63,37 @@ class Report include $this->parent->plugin_dir . '/views/report.php'; } + /** + * Get vulnerability status based on fixed_in + * + * @since 1.15.2 + * @access public + * @return string + */ + public function status( $vulnerability ) { + return empty( $vulnerability->fixed_in ) + ? __( 'We are not aware of a fix for this vulnerability.', 'wpscan' ) + : sprintf( __( 'This vulnerability was fixed in version %s. We recommend that you update as soon as possible.', 'wpscan' ), esc_html( $vulnerability->fixed_in ) ); + } + + /** + * HTML markup for the vulnerability details + * + * @since 1.15.2 + * @access public + * @return string + */ + public function vulnerability_output( $vulnerability ) { + $html = '
'; + $html .= '

' . esc_html( $vulnerability->title ) . '

'; + $html .= '

' . $this->status( $vulnerability ) . '

'; + $html .= $this->vulnerability_severity( $vulnerability ); + $html .= '

Click here for further details

'; + $html .= '
'; + + return $html; + } + /** * List vulnerabilities on screen * @@ -99,21 +130,14 @@ class Report usort( $report['vulnerabilities'], array( 'self', 'sort_vulnerabilities' ) ); - foreach ( $report['vulnerabilities'] as $item ) { - $id = 'security-checks' === $type ? $item['id'] : $item->id; + foreach ( $report['vulnerabilities'] as $vulnerability ) { + $id = 'security-checks' === $type ? $vulnerability['id'] : $vulnerability->id; if ( in_array( $id, $ignored, true ) ) { continue; } - $html = '
'; - $html .= $this->vulnerability_severity( $item ); - $html .= ''; - $html .= $this->parent->get_sanitized_vulnerability_title( $item ); - $html .= ''; - $html .= '
'; - - $list[] = $html; + $list[] = $this->vulnerability_output( $vulnerability ); } echo empty( $list ) ? $null_text : join( '
', $list ); @@ -123,6 +147,53 @@ class Report } } + /** + * List security check vulnerabilities in the report. + * This should be merged with the list_api_vulnerabilities() function, + * in the future, if anyone can figure out how... + * + * @param object $check - The check instance. + * + * @access public + * @return string + * @since 1.0.0 + * + */ + public function list_security_check_vulnerabilities( $instance ) { + $vulnerabilities = $instance->get_vulnerabilities(); + $count = $instance->get_vulnerabilities_count(); + $ignored = $this->parent->get_ignored_vulnerabilities(); + + $not_checked_text = __( 'Not checked yet. Click the Run button to run a scan', 'wpscan' ); + + if ( ! isset( $vulnerabilities ) ) { + echo esc_html( $not_checked_text ); + } elseif ( empty( $vulnerabilities ) || 0 === $count ) { + echo esc_html( $instance->success_message() ); + } else { + $list = array(); + + foreach ( $vulnerabilities as $vulnerability ) { + if ( in_array( $vulnerability['id'], $ignored, true ) ) { + continue; + } + + $html = "
"; + $html .= "

" . wp_kses( $vulnerability['title'], array( 'a' => array( 'href' => array() ) ) ) . '


'; + $html .= "

"; + $html .= "" . esc_html( $vulnerability['severity'] ) ." Severity"; + $html .= '

'; + $html .= "

Click here for further details

"; + $html .= '
'; + + $list[] = $html; + } + + echo join( '
', $list ); + } + } + + /** * Sort vulnerabilities by severity * @@ -155,7 +226,7 @@ class Report if ( isset( $vulnerability->cvss->severity ) ) { $severity = $vulnerability->cvss->severity; - $html .= "" . esc_html( $severity ) . ''; + $html .= "" . esc_html( $severity ) . ' Severity'; } $html .= ''; diff --git a/wp-content/plugins/wpscan/app/Settings.php b/wp-content/plugins/wpscan/app/Settings.php index 673cc0c4..f77523c6 100644 --- a/wp-content/plugins/wpscan/app/Settings.php +++ b/wp-content/plugins/wpscan/app/Settings.php @@ -82,6 +82,7 @@ class Settings { register_setting( $this->page, $this->parent->OPT_IGNORE_ITEMS ); register_setting( $this->page, $this->parent->OPT_SCANNING_INTERVAL, 'sanitize_text_field' ); register_setting( $this->page, $this->parent->OPT_SCANNING_TIME, 'sanitize_text_field' ); + register_setting( $this->page, $this->parent->OPT_DISABLE_CHECKS, array( 'type' => 'boolean', 'default' => '0' ) ); $section = $this->page . '_section'; @@ -116,6 +117,14 @@ class Settings { $section ); + add_settings_field( + $this->parent->OPT_DISABLE_CHECKS, + __( 'Disable Security Checks', 'wpscan' ), + array( $this, 'field_disable_security_checks' ), + $this->page, + $section + ); + add_settings_field( $this->parent->OPT_IGNORE_ITEMS, __( 'Ignore Items', 'wpscan' ), @@ -197,7 +206,7 @@ class Settings { */ public function page() { echo '
'; - echo '

WPScan

'; + echo '

WPScan

'; echo '

' . __( 'Settings', 'wpscan' ) . '

'; @@ -323,6 +332,21 @@ class Settings { echo '


'; } + /** + * Disable security checks field + * + * @since 1.15.2 + * @access public + * @return string + */ + public function field_disable_security_checks() { + $opt = $this->parent->OPT_DISABLE_CHECKS; + + $value = get_option( $opt, array() ); + $checked = $value === '1' ? 'checked' : null; + + echo ""; + } /** * Ignore items field diff --git a/wp-content/plugins/wpscan/app/Summary.php b/wp-content/plugins/wpscan/app/Summary.php index a5d36265..7460b8a6 100644 --- a/wp-content/plugins/wpscan/app/Summary.php +++ b/wp-content/plugins/wpscan/app/Summary.php @@ -25,7 +25,11 @@ class Summary { add_action( 'admin_init', array( $this, 'add_meta_box_summary' ) ); add_action( 'wp_ajax_wpscan_check_now', array( $this, 'ajax_check_now' ) ); - add_action( 'wp_ajax_wpscan_security_check_now', array( $this, 'ajax_security_check_now' ) ); + + if ( get_option( $this->parent->OPT_DISABLE_CHECKS, array() ) !== '1' ) { + add_action( 'wp_ajax_wpscan_security_check_now', array( $this, 'ajax_security_check_now' ) ); + } + add_action( 'wp_ajax_' . $this->parent->WPSCAN_TRANSIENT_CRON, array( $this, 'ajax_doing_cron' ) ); } @@ -161,7 +165,7 @@ class Summary { } /** - * Ajax scurity check now + * Ajax security check now * * @return void * @since 1.0.0 diff --git a/wp-content/plugins/wpscan/app/ignoreVulnerabilities.php b/wp-content/plugins/wpscan/app/ignoreVulnerabilities.php index 9f12c7a7..a13f4e1f 100644 --- a/wp-content/plugins/wpscan/app/ignoreVulnerabilities.php +++ b/wp-content/plugins/wpscan/app/ignoreVulnerabilities.php @@ -127,9 +127,11 @@ class ignoreVulnerabilities { foreach ( wp_get_themes() as $name => $details ) { $this->list_vulnerabilities_to_ignore( 'themes', $this->parent->get_theme_slug( $name, $details ) ); } - - foreach ( $this->parent->classes['checks/system']->checks as $id => $data ) { - $this->list_vulnerabilities_to_ignore( 'security-checks', $id ); + + if ( get_option( $this->parent->OPT_DISABLE_CHECKS, array() ) !== '1' ) { + foreach ( $this->parent->classes['checks/system']->checks as $id => $data ) { + $this->list_vulnerabilities_to_ignore( 'security-checks', $id ); + } } } diff --git a/wp-content/plugins/wpscan/assets/css/style.css b/wp-content/plugins/wpscan/assets/css/style.css index baf1cc0f..74a77bf9 100644 --- a/wp-content/plugins/wpscan/assets/css/style.css +++ b/wp-content/plugins/wpscan/assets/css/style.css @@ -161,11 +161,10 @@ .vulnerability-severity { float: left; - min-width: 60px; - margin-right: 20px; + min-width: 100px; } -.vulnerability-title { +.vulnerability-title .vulnerability-status .vulnerability-link { float: left; } @@ -175,9 +174,8 @@ text-align: center; border-radius: 3px; font-size: 11px; - margin: 6px 0px 0px 0px; line-height: 19px; - min-width: 60px; + min-width: 100px; color: #4e645a; background: #c6e1d5; } diff --git a/wp-content/plugins/wpscan/assets/js/download-report.js b/wp-content/plugins/wpscan/assets/js/download-report.js index e0aa2ad2..22742a64 100644 --- a/wp-content/plugins/wpscan/assets/js/download-report.js +++ b/wp-content/plugins/wpscan/assets/js/download-report.js @@ -360,8 +360,7 @@ jQuery(document).ready(function ($) { const topTableBorder = is_wordpress_section ? 'WPTableLine' : 'tableLine'; - // name - + // Name table.table.body[1].push({ text: 'Name', style: 'tableHeader', @@ -369,7 +368,7 @@ jQuery(document).ready(function ($) { }); table.table.widths.push(149); - // version + // Version if (!is_security_checks) { table.table.body[1].push({ text: 'Version', @@ -407,9 +406,9 @@ jQuery(document).ready(function ($) { .each(function () { let row = []; - // Item title - let itemTitle = $(this).find('.plugin-title strong').text().trim(); - + // Item name + let itemTitle = is_wordpress_section ? 'WordPress' : $(this).find('.plugin-title strong').text().trim(); + if ($(this).find('.plugin-title .item-closed').length) { itemTitle = itemTitle + @@ -425,12 +424,11 @@ jQuery(document).ready(function ($) { }); // Item version + let itemVersion = is_wordpress_section ? $(this).find('#wordpress-version').text().trim() : $(this).find('.plugin-title .item-version span').text().trim(); + if (!is_security_checks) { row.push({ - text: $(this) - .find('.plugin-title .item-version span') - .text() - .trim(), + text: itemVersion, style: 'resTable', borderColor, }); @@ -450,19 +448,20 @@ jQuery(document).ready(function ($) { .find('.vulnerabilities .vulnerability') .each(function () { let item = $(this).clone(); - let linkText = - item.find('.vulnerability-severity span').text().trim() + ' - '; - item.find('.vulnerability-severity span').remove(); - linkText = linkText + item.text().trim(); - linkText = linkText.charAt(0).toUpperCase() + linkText.slice(1); + let title = item.find('.vulnerability-title').text().trim(); + let status = item.find('.vulnerability-status').text().trim(); + let severity = item.find('.vulnerability-severity span').text().trim(); + let link_text = item.find('.vulnerability-link').text().trim(); + let link_href = item.find('.vulnerability-link a').attr('href'); - col.stack.push({ - text: linkText, - link: $(this).attr('href'), - style: 'resTable', - lineHeight: 2, - borderColor, - }); + let vulnerability_text = [ + { text: title, style: 'resTable' }, + { text: status, style: 'resTable' }, + { text: severity.charAt(0).toUpperCase() + severity.slice(1), style: 'resTable' }, + { text: link_text, link: link_href, style: 'resTable' } + ] + + col.stack.push( vulnerability_text ); }); row.push(col); @@ -478,7 +477,7 @@ jQuery(document).ready(function ($) { table.table.body.push(row); }); - // push the table + // Push the table is_wordpress_section ? wpscanReport.content.push(wordpressTable) : wpscanReport.content.push(mainTable); diff --git a/wp-content/plugins/wpscan/readme.txt b/wp-content/plugins/wpscan/readme.txt index 1d6f594e..bdab822a 100644 --- a/wp-content/plugins/wpscan/readme.txt +++ b/wp-content/plugins/wpscan/readme.txt @@ -3,7 +3,7 @@ Contributors: ethicalhack3r, xfirefartx, erwanlr Tags: wpscan, wpvulndb, security, vulnerability, hack, scan, exploit, secure, alerts Requires at least: 3.4 Tested up to: 5.6 -Stable tag: 1.15.1 +Stable tag: 1.15.4 Requires PHP: 5.5 License: GPLv3 License URI: https://www.gnu.org/licenses/gpl.html @@ -90,6 +90,18 @@ The WPScan WordPress Security Plugin will also check for other security issues, == Changelog == += 1.15.4 = +* Fix images not loading on some hosted websites +* Update remediation links + += 1.15.3 = +* Fix fatal error in security checks + += 1.15.2 = +* Improve HTML and PDF report output +* Disable security checks setting +* Some refactoring + = 1.15.1 = * Improved email alert text * Improved PDF report download layout diff --git a/wp-content/plugins/wpscan/security-checks/database-exports/check.php b/wp-content/plugins/wpscan/security-checks/database-exports/check.php index 75041d2b..f8868680 100644 --- a/wp-content/plugins/wpscan/security-checks/database-exports/check.php +++ b/wp-content/plugins/wpscan/security-checks/database-exports/check.php @@ -73,7 +73,7 @@ class databaseExports extends Check { $code = wp_remote_retrieve_response_code( $response ); if ( 200 === $code ) { - $this->add_vulnerability( __( 'A publicly accessible database file was found in', 'wpscan' ) . " $url.", 'high', sanitize_title( $name ), 'https://blog.wpscan.com/2021/01/28/wordpress-database-backup-files.html' ); + $this->add_vulnerability( __( 'A publicly accessible database file was found in', 'wpscan' ) . " $url.", 'high', sanitize_title( $name ), 'https://blog.wpscan.com/wordpress-database-backup-files/' ); } } } diff --git a/wp-content/plugins/wpscan/security-checks/debuglog-files/check.php b/wp-content/plugins/wpscan/security-checks/debuglog-files/check.php index 806ecbfc..d2a25894 100644 --- a/wp-content/plugins/wpscan/security-checks/debuglog-files/check.php +++ b/wp-content/plugins/wpscan/security-checks/debuglog-files/check.php @@ -68,7 +68,7 @@ class debuglogFiles extends Check { $code = wp_remote_retrieve_response_code( $response ); if ( 200 === $code ) { - $this->add_vulnerability( __( 'A publicly accessible debug.log file was found in', 'wpscan' ) . " $url.", 'high', sanitize_title( $file ), 'https://blog.wpscan.com/2021/03/18/wordpress-debug-log-files.html' ); + $this->add_vulnerability( __( 'A publicly accessible debug.log file was found in', 'wpscan' ) . " $url", 'high', sanitize_title( $file ), 'https://blog.wpscan.com/wordpress-debug-log-files/' ); } } } diff --git a/wp-content/plugins/wpscan/security-checks/https/check.php b/wp-content/plugins/wpscan/security-checks/https/check.php index 750ba8d5..069b50c6 100644 --- a/wp-content/plugins/wpscan/security-checks/https/check.php +++ b/wp-content/plugins/wpscan/security-checks/https/check.php @@ -66,7 +66,7 @@ class https extends Check { // Check if the current page is using HTTPS. if ( 'https' !== substr( $wp_url, 0, 5 ) || 'https' !== substr( $site_url, 0, 5 ) ) { // No HTTPS used. - $this->add_vulnerability( __( 'The website does not seem to be using HTTPS (SSL/TLS) encryption for communications.', 'wpscan' ), 'high', 'https', 'https://blog.wpscan.com/2021/03/23/wordpress-ssl-tls-https.html' ); + $this->add_vulnerability( __( 'The website does not seem to be using HTTPS (SSL/TLS) encryption for communications.', 'wpscan' ), 'high', 'https', 'https://blog.wpscan.com/wordpress-ssl-tls-https-encryption/' ); } } } diff --git a/wp-content/plugins/wpscan/security-checks/secret-keys/check.php b/wp-content/plugins/wpscan/security-checks/secret-keys/check.php index 26a6ca77..a1e8a9f7 100644 --- a/wp-content/plugins/wpscan/security-checks/secret-keys/check.php +++ b/wp-content/plugins/wpscan/security-checks/secret-keys/check.php @@ -64,7 +64,7 @@ class secretKeys extends Check { foreach ( $keys as $key ) { if ( defined( $key ) && constant( $key ) === 'put your unique phrase here' ) { - $this->add_vulnerability( __( 'The ' . esc_html( $key ) . ' secret key in the wp-config.php file was the default key. It should be changed to a random value using', 'wpscan' ) . " https://api.wordpress.org/secret-key/1.1/salt/.", 'high', sanitize_title( $key ), 'https://blog.wpscan.com/2021/03/23/wordpress-secret-keys.html' ); + $this->add_vulnerability( __( 'The ' . esc_html( $key ) . ' secret key in the wp-config.php file was the default key. It should be changed to a random value using', 'wpscan' ) . " https://api.wordpress.org/secret-key/1.1/salt/.", 'high', sanitize_title( $key ), 'https://blog.wpscan.com/wordpress-secret-keys/' ); } } } diff --git a/wp-content/plugins/wpscan/security-checks/version-control/check.php b/wp-content/plugins/wpscan/security-checks/version-control/check.php index c92298c4..3f4a8463 100644 --- a/wp-content/plugins/wpscan/security-checks/version-control/check.php +++ b/wp-content/plugins/wpscan/security-checks/version-control/check.php @@ -70,7 +70,7 @@ class versionControl extends Check { $code = wp_remote_retrieve_response_code( $response ); if ( 200 === $code ) { - $this->add_vulnerability( __( 'A publicly accessible ' . esc_html( $file ) . ' file was found. The file could expose your websites\'s source code.', 'wpscan' ), 'high', sanitize_title( $file ), 'https://blog.wpscan.com/2021/03/23/wordpress-version-control-files.html' ); + $this->add_vulnerability( __( 'A publicly accessible ' . esc_html( $file ) . ' file was found. The file could expose your websites\'s source code.', 'wpscan' ), 'high', sanitize_title( $file ), 'https://blog.wpscan.com/wordpress-version-control-files/' ); } } } diff --git a/wp-content/plugins/wpscan/security-checks/weak-passwords/check.php b/wp-content/plugins/wpscan/security-checks/weak-passwords/check.php index 1bb508a2..0bbf6e3e 100644 --- a/wp-content/plugins/wpscan/security-checks/weak-passwords/check.php +++ b/wp-content/plugins/wpscan/security-checks/weak-passwords/check.php @@ -90,7 +90,7 @@ class weakPasswords extends Check { ); } - $this->add_vulnerability( $text, 'high', 'weak-passwords', 'https://blog.wpscan.com/wpscan/2019/09/17/wpscan-brute-force.html' ); + $this->add_vulnerability( $text, 'high', 'weak-passwords', 'https://blog.wpscan.com/wpscan-brute-force/' ); } } } diff --git a/wp-content/plugins/wpscan/security-checks/wpconfig-backups/check.php b/wp-content/plugins/wpscan/security-checks/wpconfig-backups/check.php index c16e591a..472dc4d5 100644 --- a/wp-content/plugins/wpscan/security-checks/wpconfig-backups/check.php +++ b/wp-content/plugins/wpscan/security-checks/wpconfig-backups/check.php @@ -73,7 +73,7 @@ class wpconfigBackups extends Check { $code = wp_remote_retrieve_response_code( $response ); if ( 200 === $code ) { - $this->add_vulnerability( __( 'A publicly accessible wp-config.php backup file was found in', 'wpscan' ) . " $url.", 'high', sanitize_title( $path ), 'https://blog.wpscan.com/2021/04/01/wordpress-wp-config-backup-file.html' ); + $this->add_vulnerability( __( 'A publicly accessible wp-config.php backup file was found in', 'wpscan' ) . " $url.", 'high', sanitize_title( $path ), 'https://blog.wpscan.com/wordpress-configuration-file-backups/' ); } } } diff --git a/wp-content/plugins/wpscan/security-checks/xmlrpc-enabled/check.php b/wp-content/plugins/wpscan/security-checks/xmlrpc-enabled/check.php index 41392cef..9f0aae50 100644 --- a/wp-content/plugins/wpscan/security-checks/xmlrpc-enabled/check.php +++ b/wp-content/plugins/wpscan/security-checks/xmlrpc-enabled/check.php @@ -75,7 +75,7 @@ class xmlrpcEnabled extends Check { error_log( $authenticated_response->get_error_message() ); } else { if ( preg_match( '/Incorrect username or password.<\/string>/', $authenticated_response['body'] ) ) { - $this->add_vulnerability( __( 'The XML-RPC interface is enabled. This significantly increases your site\'s attack surface.', 'wpscan' ), 'medium', sanitize_title( $url ), 'https://blog.wpscan.com/2021/01/25/wordpress-xmlrpc-security.html' ); + $this->add_vulnerability( __( 'The XML-RPC interface is enabled. This significantly increases your site\'s attack surface.', 'wpscan' ), 'medium', sanitize_title( $url ), 'https://blog.wpscan.com/is-wordpress-xmlrpc-a-security-problem/' ); return; } else { // Try an unauthenticated request. @@ -83,7 +83,7 @@ class xmlrpcEnabled extends Check { $unauthenticated_response = wp_remote_post( $url, array( 'body' => $unauthenticated_body ) ); if ( preg_match( '/Hello!<\/string>/', $unauthenticated_response['body'] ) ) { - $this->add_vulnerability( __( 'The XML-RPC interface is partly disabled, but still allows unauthenticated requests.', 'wpscan' ), 'low', sanitize_title( $url ), 'https://blog.wpscan.com/2021/01/25/wordpress-xmlrpc-security.html' ); + $this->add_vulnerability( __( 'The XML-RPC interface is partly disabled, but still allows unauthenticated requests.', 'wpscan' ), 'low', sanitize_title( $url ), 'https://blog.wpscan.com/is-wordpress-xmlrpc-a-security-problem/' ); } } } diff --git a/wp-content/plugins/wpscan/views/report.php b/wp-content/plugins/wpscan/views/report.php index 9f20c807..cffacbcb 100644 --- a/wp-content/plugins/wpscan/views/report.php +++ b/wp-content/plugins/wpscan/views/report.php @@ -8,7 +8,7 @@

- parent->plugin_dir. 'assets/svg/logo.svg'); ?> +

@@ -50,11 +50,8 @@ get_status( 'wordpress', get_bloginfo( 'version' ) ) ?> - - WordPress - - %s', 'wpscan' ), get_bloginfo( 'version' ) ) ?> - + + WordPress - + %s', 'wpscan' ), esc_html($details['Version']) ) ?> @@ -162,41 +159,45 @@
-
-

+ parent->OPT_DISABLE_CHECKS, array() ) !== '1' ) { ?> - - - - - - - - - - - parent->classes['checks/system']->checks as $id => $data ) : ?> - - - - - - - - - -
- get_status('security-checks', $id) ?> - - title()) ?> - - - parent->classes['checks/system']->list_check_vulnerabilities( $data['instance'] ) ?> - - parent->classes['checks/system']->list_actions($data['instance']) ?> - -
-
+
+

+ + + + + + + + + + + + parent->classes['checks/system']->checks as $id => $data ) : ?> + + + + + + + + + +
+ get_status('security-checks', $id) ?> + + title() ) ?> + + + list_security_check_vulnerabilities( $data['instance'] ) ?> + + parent->classes['checks/system']->list_actions($data['instance']) ?> + +
+
+ + parent->OPT_API_TOKEN ) ) { ?> diff --git a/wp-content/plugins/wpscan/wpscan.php b/wp-content/plugins/wpscan/wpscan.php index 5f726694..817dfc29 100644 --- a/wp-content/plugins/wpscan/wpscan.php +++ b/wp-content/plugins/wpscan/wpscan.php @@ -3,7 +3,7 @@ * Plugin Name: WPScan * Plugin URI: http://wordpress.org/plugins/wpscan/ * Description: WPScan WordPress Security Scanner. Scans your system for security vulnerabilities listed in the WPScan Vulnerability Database. - * Version: 1.15.1 + * Version: 1.15.4 * Author: WPScan Team * Author URI: https://wpscan.com/ * License: GPLv3