WordPress.org
Get WordPress

Plugin Directory

Changeset 2452843


Ignore:
Timestamp:
01/08/2021 08:22:15 PM (5 years ago)
Author:
ethicalhack3r
Message:

New 1.14.1 version release

Location:
wpscan
Files:
6 edited
1 copied

Legend:

Unmodified
Added
Removed

  • wpscan/tags/1.14.1/readme.txt

    r2452411 r2452843  
    44Requires at least: 3.4
    55Tested up to: 5.6
    6 Stable tag: 1.14
     6Stable tag: 1.14.1
    77Requires PHP: 5.5
    88License: GPLv3
     
    7878
    7979== Changelog ==
     80
     81= 1.14.1 =
     82
     83* Use the wp_check_password() function to check for weak passwords
    8084
    8185= 1.14 =

  • wpscan/tags/1.14.1/security-checks/weak-passwords/check.php

    r2452411 r2452843  
    7070     
    7171      foreach ( $passwords as $password ) {
    72         $login = wp_authenticate( $username, $password );
    73 
    74         if ( 'WP_User' ===  get_class( $login ) ) {
     72        if ( wp_check_password( $password, $user->data->user_pass, $user->ID ) ) {
    7573          array_push( $found, $username );
    7674          break;
     
    8179    if ( ! empty( $found ) ) {
    8280        if ( 1 === count( $found ) ) {
    83           $text = __( 'The ' . esc_html( $found[0] ) . ' user was found to have a weak password. The user\'s password should be updated immediately', 'wpscan' );
     81          $text = sprintf(
     82            __( 'The %s user was found to have a weak password. The user\'s password should be updated immediately', 'wpscan' ),
     83            esc_html( $found[0] )
     84          );
    8485        } else {
    8586          $found = implode( ', ', $found );
    86           $text  = __( 'The ' . esc_html( $found ) . ' users were found to have weak passwords. The users\' passwords should be updated immediately', 'wpscan' );
     87          $text  = sprintf(
     88            __( 'The %s users were found to have weak passwords. The users\' passwords should be updated immediately', 'wpscan' ),
     89            esc_html( $found )
     90          );
    8791        }
    8892

  • wpscan/tags/1.14.1/wpscan.php

    r2452411 r2452843  
    44 * Plugin URI:    http://wordpress.org/plugins/wpscan/
    55 * Description:   WPScan WordPress Security Scanner. Scans your system for security vulnerabilities listed in the WPScan Vulnerability Database.
    6  * Version:       1.14
     6 * Version:       1.14.1
    77 * Author:        WPScan Team
    88 * Author URI:    https://wpscan.com/

  • wpscan/trunk/readme.txt

    r2452411 r2452843  
    44Requires at least: 3.4
    55Tested up to: 5.6
    6 Stable tag: 1.14
     6Stable tag: 1.14.1
    77Requires PHP: 5.5
    88License: GPLv3
     
    7878
    7979== Changelog ==
     80
     81= 1.14.1 =
     82
     83* Use the wp_check_password() function to check for weak passwords
    8084
    8185= 1.14 =

  • wpscan/trunk/security-checks/weak-passwords/check.php

    r2452411 r2452843  
    7070     
    7171      foreach ( $passwords as $password ) {
    72         $login = wp_authenticate( $username, $password );
    73 
    74         if ( 'WP_User' ===  get_class( $login ) ) {
     72        if ( wp_check_password( $password, $user->data->user_pass, $user->ID ) ) {
    7573          array_push( $found, $username );
    7674          break;
     
    8179    if ( ! empty( $found ) ) {
    8280        if ( 1 === count( $found ) ) {
    83           $text = __( 'The ' . esc_html( $found[0] ) . ' user was found to have a weak password. The user\'s password should be updated immediately', 'wpscan' );
     81          $text = sprintf(
     82            __( 'The %s user was found to have a weak password. The user\'s password should be updated immediately', 'wpscan' ),
     83            esc_html( $found[0] )
     84          );
    8485        } else {
    8586          $found = implode( ', ', $found );
    86           $text  = __( 'The ' . esc_html( $found ) . ' users were found to have weak passwords. The users\' passwords should be updated immediately', 'wpscan' );
     87          $text  = sprintf(
     88            __( 'The %s users were found to have weak passwords. The users\' passwords should be updated immediately', 'wpscan' ),
     89            esc_html( $found )
     90          );
    8791        }
    8892

  • wpscan/trunk/wpscan.php

    r2452411 r2452843  
    44 * Plugin URI:    http://wordpress.org/plugins/wpscan/
    55 * Description:   WPScan WordPress Security Scanner. Scans your system for security vulnerabilities listed in the WPScan Vulnerability Database.
    6  * Version:       1.14
     6 * Version:       1.14.1
    77 * Author:        WPScan Team
    88 * Author URI:    https://wpscan.com/
Note: See TracChangeset for help on using the changeset viewer.