Changeset 2751825

Timestamp:

07/04/2022 11:07:42 PM (3 years ago)

Author:

miguelxavierpenha

Message:

New 1.15.6 version release

Location:

wpscan

Files:

• tags/1.15.6 (copied) (copied from wpscan/trunk)
• tags/1.15.6/app/Plugin.php (modified) (7 diffs)
• tags/1.15.6/app/SiteHealth.php (modified) (1 diff)
• tags/1.15.6/assets/js/dismiss-protect.js (added)
• tags/1.15.6/assets/svg/logo.svg (modified) (1 diff)
• tags/1.15.6/assets/svg/menu-icon.svg (modified) (1 diff)
• tags/1.15.6/readme.txt (modified) (3 diffs)
• tags/1.15.6/security-checks/weak-passwords/check.php (modified) (1 diff)
• tags/1.15.6/uninstall.php (modified) (2 diffs)
• tags/1.15.6/wpscan.php (modified) (1 diff)
• trunk/app/Plugin.php (modified) (7 diffs)
• trunk/app/SiteHealth.php (modified) (1 diff)
• trunk/assets/js/dismiss-protect.js (added)
• trunk/assets/svg/logo.svg (modified) (1 diff)
• trunk/assets/svg/menu-icon.svg (modified) (1 diff)
• trunk/readme.txt (modified) (3 diffs)
• trunk/security-checks/weak-passwords/check.php (modified) (1 diff)
• trunk/uninstall.php (modified) (2 diffs)
• trunk/wpscan.php (modified) (1 diff)

wpscan/tags/1.15.6/app/Plugin.php

@@ -54 +54 @@
     public $plugin_dir = '';
 
-    // Plugin URI.
-    public $plugin_url = '';
-
     // Page.
     public $page_hook = 'toplevel_page_wpscan';
@@ -75 +72 @@
     public function __construct() {
         $this->plugin_dir = trailingslashit( str_replace( '\\', '/', dirname( WPSCAN_PLUGIN_FILE ) ) );
-        $this->plugin_url = site_url( str_replace( str_replace( '\\', '/', ABSPATH ), '', $this->plugin_dir ) );
 
         // Languages.
@@ -86 +82 @@
         // Actions.
         add_action( 'admin_menu', array( $this, 'menu' ) );
+        add_action( 'admin_notices', array( $this, 'protect_notify' ) ); 
         add_action( 'admin_enqueue_scripts', array( $this, 'admin_enqueue' ) );
         add_action( 'admin_bar_menu', array( $this, 'admin_bar' ), 65 );
@@ -91 +88 @@
         add_action( $this->WPSCAN_RUN_ALL, array( $this, 'check_now' ) );
         add_action( 'in_admin_header', array( $this, 'deactivate_screen' ) );
+        add_action( 'wp_ajax_wpscan_dismiss_protect_notice', array( $this, 'ajax_wpscan_dismiss_protect_notice' ) );
 
         if ( defined( 'WPSCAN_API_TOKEN' ) ) {
@@ -194 +192 @@
         global $pagenow;
         $screen = get_current_screen();
+
+        wp_enqueue_script(
+            'wpscan-dismiss-protect-notice', 
+            plugins_url( 'assets/js/dismiss-protect.js', WPSCAN_PLUGIN_FILE ),
+            array( 'jquery' ),
+            $this->wpscan_plugin_version()
+        );
+
+        $localized = array(
+            'action_dismiss_protect_notice' => 'wpscan_dismiss_protect_notice',
+            'ajax_nonce'                    => wp_create_nonce( 'wpscan' ),
+            'ajaxurl'                       => admin_url( 'admin-ajax.php' ),
+        );
+
+        wp_localize_script( 'wpscan-dismiss-protect-notice', 'wpscan', $localized );
 
         if ( $hook === $this->page_hook || 'dashboard' === $screen->id ) {
@@ -239 +252 @@
             );
 
-            $localized = array(
-                'ajaxurl'               => admin_url( 'admin-ajax.php' ),
+            $localized += array(
                 'action_check'          => 'wpscan_check_now',
                 'action_security_check' => 'wpscan_security_check_now',
                 'action_cron'           => $this->WPSCAN_TRANSIENT_CRON,
-                'ajax_nonce'            => wp_create_nonce( 'wpscan' ),
                 'doing_cron'            => false !== as_next_scheduled_action( $this->WPSCAN_RUN_ALL ) ? 'YES' : 'NO',
                 'doing_security_cron'   => get_option( $this->WPSCAN_RUN_SECURITY ),
@@ -910 +921 @@
         delete_transient( $this->WPSCAN_TRANSIENT_CRON );
     }
+
+    /**
+     * Notify non-enterprise level users of Jetpack Protect
+     *
+     * @since 1.15.5 
+     * @access public
+     * @return void
+     */
+    public function protect_notify() {
+        $user_id = get_current_user_id();
+        $plan = $this->classes['account']->get_account_status()['plan'];
+        
+        if ( $plan === 'enterprise' || get_user_meta( $user_id, 'protect_notice_dismissed', true ) ) {
+            return;
+        }
+        
+        $screen = get_current_screen(); 
+        $protect_plugin_url = 'https://wordpress.org/plugins/jetpack-protect/';
+        $message = sprintf(
+            // Translators: 1 and 2 are the opening and closing <a> tags with the link to the Jetpack Protect plugin page on wordpress.org
+            __( 'The features of WPScan are now available within %1$sJetpack Protect%2$s', 'wpscan' ),
+            '<a href="' . esc_url( $protect_plugin_url ) . '" target="_blank">',
+            '</a>'
+        );
+
+        printf(
+            '<div class="notice notice-info protect-notice"><p>%s<a id="dismissible-protect-notice" href="#" style="float:right;">Dismiss</a></p></div>',
+            $message
+        );
+    }
+
+    /**
+     * Ajax dismiss Jetpack Protect notice
+     * 
+     * @since 1.15.5
+     * @access public
+     * @return void
+     */
+    public function ajax_wpscan_dismiss_protect_notice() {
+        $user_id = get_current_user_id();
+        check_ajax_referer( 'wpscan' );
+
+        add_user_meta( $user_id, 'protect_notice_dismissed', true, true );
+
+        wp_die();
+    }
 }

wpscan/tags/1.15.6/app/SiteHealth.php

@@ -36 +36 @@
     public function add_site_health_tests( $tests ) {
         $tests['direct']['wpscan_check'] = array(
-            'label' => __( 'WPScan Vulnerabilities Check' ),
+            'label' => __( 'WPScan Vulnerabilities Check', 'wpscan' ),
             'test'  => array( $this, 'site_health_tests' ),
         );

wpscan/tags/1.15.6/assets/svg/logo.svg

@@ -1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="159" height="45" viewBox="0 0 159 45">
-  <g fill="none">
-    <polyline fill="#069" points="29.277 33.719 9.857 22.506 .146 28.112 29.277 44.932 58.409 28.112 48.698 22.506 29.277 33.719"/>
-    <polyline fill="#3C9" points="48.698 22.506 58.409 16.9 29.277 .081 .146 16.9 9.857 22.506 29.277 11.293 48.698 22.506"/>
-    <path fill="#FFF" d="M48.6984848,22.5062122 L29.2774243,11.2934848 L9.85636368,22.5062122 L19.9818182,28.3522728 C18.7071212,29.5137878 17.4965152,30.6225758 17.2719697,30.8469697 C16.2375757,31.8813637 16.2375757,33.5021212 17.2719697,34.5365151 C17.7734848,35.0378788 18.429697,35.3142424 19.1198485,35.3142424 C19.12,35.3142424 19.12,35.3142424 19.12,35.3142424 C19.8060606,35.3142424 20.46,35.0380303 20.9616666,34.5365151 C21.2425758,34.2554546 22.9107576,32.4274243 24.3325758,30.8640909 L29.2774243,33.7190909 L48.6984848,22.5062122"/>
-    <path fill="#000" d="M33.2386364,22.5062122 C33.2384848,23.5212121 32.8521212,24.5362121 32.0796969,25.3090909 C31.3312121,26.0572728 30.3362122,26.4692425 29.2775757,26.4692425 L29.2774243,26.4692425 L29.2774243,25.4590909 L29.2775757,25.4592424 C30.0663636,25.4592424 30.8078788,25.1522727 31.3651516,24.595 C31.9409091,24.0189394 32.2287879,23.2625758 32.2289394,22.5062122 L33.2386364,22.5062122 Z M29.2771212,27.5034848 C27.949394,27.5033334 26.7004545,26.9859091 25.7610606,26.0466666 C24.8218182,25.1074242 24.304394,23.8584848 24.3042424,22.53 C24.3042424,19.7880303 26.535303,17.5569697 29.2775757,17.5568182 C30.6059091,17.5572727 31.8551515,18.0748485 32.7945454,19.0142424 C33.7337878,19.9533334 34.2509091,21.2021213 34.2509091,22.530303 C34.2509091,25.2718182 32.019697,27.5028788 29.2771212,27.5034848 Z M29.2774243,16.0416667 C25.6936363,16.0418182 22.7890909,18.9462121 22.7890909,22.5301515 C22.7892425,24.0565152 23.3177273,25.4586363 24.1998485,26.5666667 C23.7959091,26.9328788 18.7875758,31.4740909 18.3433334,31.9183333 C17.8804545,32.3812121 17.9162122,33.0380303 18.3433334,33.4651515 C18.7706061,33.8922727 19.4274242,33.9280303 19.8901516,33.4651515 C20.3345455,33.0209091 24.8763636,28.0118182 25.2419697,27.6086363 C26.349697,28.4903031 27.7515151,29.0184848 29.2775757,29.0186364 C32.8606061,29.0178788 35.7660606,26.1142424 35.7662121,22.530303 C35.7660606,18.9463637 32.8606061,16.0427273 29.2774243,16.0416667 L29.2774243,16.0416667 Z"/>
-    <polyline fill="#000" points="90.671 14.721 88.359 14.721 88.359 15.824 90.28 16.114 87.413 26.332 84.298 16.095 86.517 15.824 86.517 14.721 79.826 14.721 79.826 15.824 81.87 16.069 78.675 26.266 75.995 16.052 77.95 15.824 77.95 14.721 71.131 14.721 71.131 15.824 72.834 16.012 77.057 30.396 78.671 30.396 82.223 18.926 85.936 30.396 87.564 30.396 91.612 16.117 93.513 15.824 93.513 14.721 90.671 14.721"/>
-    <path fill="#000" d="M101.126061,23.0351515 L99.9803034,23.0351515 L99.9803034,21.9971212 C99.9803034,19.9516666 99.9828792,17.925 100.02303,15.9386364 L101.032273,15.9386364 C103.467272,15.9386364 104.674394,17.1495454 104.674394,19.3659091 C104.674394,21.5525758 103.599394,23.0351515 101.126061,23.0351515 Z M101.271363,14.7210606 L94.9231818,14.7210606 L94.9231818,15.8237878 L96.8966667,16.0386364 C96.9353028,18.0236363 96.9375762,20.0178787 96.9375762,21.9971212 L96.9375762,23.0154546 C96.9375762,25.0265152 96.9353028,27.019697 96.8971212,28.9739394 L94.9231818,29.1889394 L94.9231818,30.2915152 L102.167122,30.2915152 L102.167122,29.1889394 L100.018939,28.955 C99.9868185,27.32 99.9812124,25.7442424 99.9804546,24.2354545 L100.937576,24.2354545 C105.880757,24.2354545 107.645,22.0292424 107.645,19.3745454 C107.645,16.6025758 105.675757,14.7210606 101.271363,14.7210606 L101.271363,14.7210606 Z M119.694545,26.0892424 C119.694545,28.8589394 117.474546,30.6865151 113.85409,30.6865151 C112.093788,30.6865151 110.242576,30.2095454 109.025,29.4513637 L109.165909,26.0619697 L110.970455,26.0619697 L111.436515,28.8956061 C112.171819,29.235 112.870454,29.4010606 113.81803,29.4010606 C115.763485,29.4010606 116.949243,28.4028788 116.949243,26.8563636 C116.949243,25.4772727 116.189091,24.8569697 114.465909,24.145 L113.522273,23.7412121 C110.938637,22.6387879 109.321515,21.2601515 109.321515,18.7628788 C109.321515,16.0033333 111.598333,14.3260606 114.871819,14.3260606 C116.496212,14.3260606 117.929697,14.7930303 119.007727,15.5440909 L118.841212,18.7159091 L117.05394,18.7159091 L116.583484,16.0015152 C116.031818,15.7360606 115.481818,15.6115151 114.834394,15.6115151 C113.253637,15.6115151 112.023788,16.4924242 112.023788,18.0115151 C112.023788,19.3695455 112.874243,20.1259091 114.423788,20.7660606 L115.43394,21.1956061 C118.480454,22.4701515 119.694545,23.7969697 119.694545,26.0892424 L119.694545,26.0892424 Z M130.692425,27.1925758 L131.385,27.6981818 C130.613485,29.6289394 129.016667,30.6224242 126.801667,30.6224242 C123.594697,30.6224242 121.257424,28.4725758 121.257424,24.700606 C121.257424,20.9381818 123.968334,18.7233333 127.123333,18.7233333 C129.410455,18.7233333 131.147273,20.1434848 131.383485,21.9492424 C131.19697,22.665303 130.776212,22.9986364 130.06,22.9986364 C129.20803,22.9986364 128.670455,22.4775758 128.53197,21.3478788 L128.233636,19.945303 C127.941364,19.8865151 127.653333,19.8571212 127.365909,19.8571212 C125.677424,19.8571212 124.213485,21.2869697 124.213485,24.3775758 C124.213485,27.2056061 125.648031,28.7560607 127.733788,28.7560607 C128.974546,28.7560607 129.990606,28.1678788 130.692425,27.1925758 L130.692425,27.1925758 Z M137.395303,28.9072727 C136.462121,28.9072727 135.743939,28.3884848 135.743939,27.1790909 C135.743939,26.2831819 136.211212,25.4428788 137.789394,24.8109091 C138.187121,24.6401515 138.790303,24.4381819 139.436364,24.250606 L139.436364,27.9486364 C138.41591,28.6786363 138.004242,28.9072727 137.395303,28.9072727 Z M142.906061,29.1395454 C142.469697,29.1395454 142.209091,28.8415151 142.209091,28.0869697 L142.209091,22.964697 C142.209091,19.9127272 141.027273,18.7233333 138.308182,18.7233333 C135.435606,18.7233333 133.621212,19.9384849 133.338939,21.8084848 C133.455,22.49 133.925152,22.8678788 134.662272,22.8678788 C135.433788,22.8678788 135.992576,22.3631818 136.126364,21.2343939 L136.400909,19.9403031 C136.773485,19.8775758 137.092879,19.8571212 137.384546,19.8571212 C138.907727,19.8571212 139.436364,20.4462122 139.436364,22.6343939 L139.436364,23.3022727 C138.625606,23.5116667 137.801516,23.7490909 137.20197,23.9439394 C133.815758,25.0422727 132.999546,26.1587879 132.999546,27.6542424 C132.999546,29.5934848 134.345152,30.6224242 136.11,30.6224242 C137.599849,30.6224242 138.364242,29.9981818 139.524242,28.8192424 C139.792424,29.9193939 140.60303,30.5778788 141.84697,30.5778788 C142.963637,30.5778788 143.701515,30.1780303 144.265152,29.0878788 L143.718182,28.6233333 C143.451515,28.9715152 143.227273,29.1395454 142.906061,29.1395454 L142.906061,29.1395454 Z M158.407576,29.3322727 L158.407576,30.2915152 L152.604545,30.2915152 L152.604545,29.3322727 L154.092425,29.034697 C154.116667,27.8821212 154.127273,26.4113636 154.127273,25.3627273 L154.127273,23.1412121 C154.127273,21.3031818 153.659091,20.685 152.492424,20.685 C151.651516,20.685 150.778788,21.0713637 149.851516,21.8586363 L149.851516,25.3627273 C149.851516,26.384697 149.863637,27.8801515 149.886364,29.0466667 L151.272727,29.3322727 L151.272727,30.2915152 L145.477273,30.2915152 L145.477273,29.3322727 L146.992424,29.0328788 C147.015151,27.8684849 147.027272,26.3806061 147.027272,25.3627273 L147.027272,24.130303 C147.027272,22.839394 147.00303,22.2322728 146.956061,21.2934848 L145.30303,21.0824242 L145.30303,20.2092424 L149.227273,18.7233333 L149.604546,18.9668182 L149.772727,20.7771212 C150.992424,19.4034848 152.351515,18.7233333 153.765151,18.7233333 C155.792425,18.7233333 156.95303,20.010303 156.95303,22.9104545 L156.95303,25.3627273 C156.95303,26.4145454 156.963636,27.8909091 156.987878,29.0448485 L158.407576,29.3322727 L158.407576,29.3322727 Z"/>
-  </g>
+<svg width="159" height="40" viewBox="0 0 159 40" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M7.69395 21.2958L20.5264 29.316C21.4174 29.8729 22.548 29.8729 23.4391 29.316L36.2715 21.2958L40.2372 23.7743C41.9592 24.8506 41.9592 27.3584 40.2372 28.4347L23.4391 38.9335C22.548 39.4904 21.4174 39.4904 20.5264 38.9335L3.72826 28.4347C2.00627 27.3584 2.00627 24.8506 3.72826 23.7743L7.69395 21.2958Z" fill="#09B585"/>
+<path d="M20.5264 0.910221L3.72826 11.409C2.00628 12.4853 2.00628 14.9931 3.72826 16.0694L20.5264 26.5682C21.4174 27.1251 22.548 27.1251 23.4391 26.5682L40.2372 16.0694C41.9592 14.9931 41.9592 12.4853 40.2372 11.409L23.4391 0.910221C22.548 0.353319 21.4174 0.353318 20.5264 0.910221Z" fill="#006088"/>
+<path d="M60.393 28.913L55.0814 10.3493H59.3688L62.4416 23.2478H62.5957L65.9857 10.3493H69.6568L73.0378 23.275H73.2009L76.2737 10.3493H80.5611L75.2494 28.913H71.4243L67.8892 16.7759H67.7442L64.2182 28.913H60.393ZM82.4065 28.913V10.3493H89.7305C91.1385 10.3493 92.338 10.6182 93.329 11.156C94.32 11.6878 95.0754 12.428 95.5951 13.3767C96.1208 14.3194 96.3837 15.4071 96.3837 16.6399C96.3837 17.8726 96.1178 18.9604 95.586 19.903C95.0543 20.8457 94.2838 21.5799 93.2746 22.1057C92.2715 22.6314 91.0569 22.8943 89.6308 22.8943H84.9627V19.749H88.9963C89.7516 19.749 90.374 19.619 90.8635 19.3592C91.359 19.0933 91.7277 18.7277 91.9694 18.2624C92.2171 17.7911 92.341 17.2502 92.341 16.6399C92.341 16.0235 92.2171 15.4857 91.9694 15.0264C91.7277 14.5611 91.359 14.2016 90.8635 13.9478C90.368 13.688 89.7395 13.558 88.9781 13.558H86.3314V28.913H82.4065ZM108.748 15.6881C108.676 14.957 108.364 14.3889 107.815 13.9841C107.265 13.5792 106.518 13.3767 105.576 13.3767C104.935 13.3767 104.394 13.4674 103.953 13.6487C103.512 13.8239 103.174 14.0687 102.938 14.3829C102.708 14.6971 102.594 15.0536 102.594 15.4525C102.581 15.7848 102.651 16.0749 102.802 16.3226C102.959 16.5704 103.174 16.7849 103.446 16.9662C103.718 17.1415 104.032 17.2955 104.388 17.4285C104.745 17.5554 105.126 17.6642 105.53 17.7548L107.198 18.1536C108.008 18.3349 108.751 18.5766 109.428 18.8788C110.105 19.1809 110.691 19.5526 111.187 19.9937C111.682 20.4348 112.066 20.9545 112.338 21.5527C112.616 22.151 112.758 22.8369 112.764 23.6103C112.758 24.7464 112.468 25.7314 111.894 26.5653C111.325 27.3932 110.504 28.0367 109.428 28.496C108.358 28.9492 107.068 29.1758 105.558 29.1758C104.059 29.1758 102.754 28.9462 101.642 28.4869C100.536 28.0277 99.6718 27.3479 99.0494 26.4475C98.433 25.541 98.1097 24.4201 98.0795 23.0846H101.877C101.92 23.707 102.098 24.2267 102.412 24.6437C102.733 25.0546 103.159 25.3658 103.69 25.5773C104.228 25.7828 104.835 25.8855 105.512 25.8855C106.177 25.8855 106.754 25.7888 107.244 25.5954C107.739 25.4021 108.123 25.1331 108.395 24.7887C108.667 24.4443 108.803 24.0485 108.803 23.6013C108.803 23.1843 108.679 22.8338 108.431 22.5498C108.189 22.2658 107.833 22.0241 107.361 21.8247C106.896 21.6253 106.325 21.444 105.648 21.2808L103.627 20.7732C102.062 20.3925 100.826 19.7973 99.9196 18.9875C99.0131 18.1778 98.563 17.0871 98.569 15.7153C98.563 14.5914 98.8621 13.6094 99.4664 12.7694C100.077 11.9295 100.914 11.2738 101.977 10.8025C103.041 10.3311 104.249 10.0955 105.603 10.0955C106.981 10.0955 108.183 10.3311 109.21 10.8025C110.244 11.2738 111.048 11.9295 111.622 12.7694C112.196 13.6094 112.492 14.5823 112.51 15.6881H108.748ZM121.367 29.1849C119.94 29.1849 118.714 28.8827 117.686 28.2785C116.665 27.6681 115.88 26.8221 115.33 25.7405C114.786 24.6588 114.514 23.414 114.514 22.006C114.514 20.5798 114.789 19.329 115.339 18.2533C115.895 17.1717 116.683 16.3287 117.705 15.7244C118.726 15.1141 119.94 14.8089 121.348 14.8089C122.563 14.8089 123.627 15.0295 124.539 15.4706C125.452 15.9117 126.174 16.5311 126.705 17.3288C127.237 18.1264 127.53 19.0631 127.585 20.1387H123.941C123.838 19.4438 123.566 18.8848 123.125 18.4618C122.69 18.0328 122.119 17.8183 121.412 17.8183C120.814 17.8183 120.291 17.9814 119.844 18.3077C119.403 18.628 119.058 19.0963 118.81 19.7127C118.563 20.3291 118.439 21.0754 118.439 21.9516C118.439 22.8399 118.56 23.5952 118.801 24.2177C119.049 24.8401 119.397 25.3144 119.844 25.6407C120.291 25.9671 120.814 26.1302 121.412 26.1302C121.853 26.1302 122.249 26.0396 122.599 25.8583C122.956 25.677 123.249 25.4141 123.479 25.0697C123.714 24.7192 123.868 24.2992 123.941 23.8098H127.585C127.524 24.8733 127.234 25.8099 126.714 26.6197C126.201 27.4234 125.491 28.0519 124.584 28.5051C123.678 28.9583 122.605 29.1849 121.367 29.1849ZM133.772 29.1758C132.884 29.1758 132.092 29.0217 131.397 28.7135C130.702 28.3993 130.152 27.937 129.747 27.3267C129.348 26.7103 129.149 25.9429 129.149 25.0244C129.149 24.2509 129.291 23.6013 129.575 23.0756C129.859 22.5498 130.246 22.1268 130.735 21.8065C131.225 21.4863 131.781 21.2446 132.403 21.0814C133.032 20.9182 133.69 20.8034 134.379 20.737C135.189 20.6524 135.842 20.5738 136.337 20.5013C136.833 20.4227 137.192 20.3079 137.416 20.1568C137.639 20.0058 137.751 19.7822 137.751 19.4861V19.4317C137.751 18.8576 137.57 18.4135 137.207 18.0992C136.851 17.785 136.343 17.6279 135.684 17.6279C134.989 17.6279 134.437 17.782 134.026 18.0902C133.615 18.3923 133.343 18.773 133.21 19.2323L129.639 18.9422C129.82 18.0962 130.176 17.365 130.708 16.7487C131.24 16.1262 131.926 15.6489 132.766 15.3165C133.612 14.9781 134.591 14.8089 135.703 14.8089C136.476 14.8089 137.216 14.8995 137.923 15.0808C138.636 15.2621 139.268 15.5431 139.818 15.9238C140.374 16.3045 140.812 16.794 141.132 17.3922C141.452 17.9844 141.612 18.6945 141.612 19.5223V28.913H137.951V26.9823H137.842C137.618 27.4174 137.319 27.8011 136.944 28.1334C136.57 28.4597 136.12 28.7166 135.594 28.9039C135.068 29.0852 134.461 29.1758 133.772 29.1758ZM134.878 26.5109C135.446 26.5109 135.947 26.3991 136.382 26.1755C136.817 25.9459 137.159 25.6377 137.407 25.251C137.654 24.8642 137.778 24.4261 137.778 23.9367V22.4592C137.657 22.5377 137.491 22.6103 137.28 22.6767C137.074 22.7372 136.842 22.7946 136.582 22.8489C136.322 22.8973 136.062 22.9426 135.802 22.9849C135.542 23.0212 135.307 23.0544 135.095 23.0846C134.642 23.1511 134.246 23.2568 133.908 23.4019C133.569 23.5469 133.307 23.7433 133.119 23.991C132.932 24.2328 132.838 24.5349 132.838 24.8975C132.838 25.4232 133.029 25.8251 133.409 26.103C133.796 26.375 134.285 26.5109 134.878 26.5109ZM148.214 20.8639V28.913H144.353V14.9902H148.033V17.4466H148.196C148.504 16.6369 149.021 15.9963 149.746 15.525C150.471 15.0476 151.351 14.8089 152.384 14.8089C153.351 14.8089 154.194 15.0204 154.913 15.4434C155.632 15.8664 156.191 16.4707 156.59 17.2563C156.989 18.0358 157.188 18.9664 157.188 20.0481V28.913H153.327V20.737C153.333 19.8849 153.115 19.2202 152.674 18.7428C152.233 18.2594 151.626 18.0177 150.852 18.0177C150.332 18.0177 149.873 18.1295 149.474 18.353C149.082 18.5766 148.773 18.9029 148.55 19.332C148.332 19.755 148.22 20.2656 148.214 20.8639Z" fill="black"/>
 </svg>

wpscan/tags/1.15.6/assets/svg/menu-icon.svg

@@ -1 @@
-<svg id="Layer_1_copy" data-name="Layer 1 copy" xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 20 20"><defs><style>.cls-1{fill:#a0a5aa;}</style></defs><title>Artboard 2</title><polyline class="cls-1" points="16.67 10 20 8.08 10 2.3 0 8.08 3.33 10 10 6.15 16.67 10"/><path class="cls-1" d="M16.67,10l-4.2,2.42L10,13.85l-.51-.3L8.3,12.87,7.15,14.13a.93.93,0,0,1-.64.27.9.9,0,0,1-.63-.27.88.88,0,0,1,0-1.27L6.81,12,3.33,10,0,11.92,10,17.7l10-5.78Z"/><path class="cls-1" d="M11.36,10A1.37,1.37,0,0,1,10,11.36h0V11h0a1,1,0,0,0,.72-.29A1,1,0,0,0,11,10ZM10,11.72a1.72,1.72,0,0,1-1.21-.5A1.74,1.74,0,0,1,8.29,10,1.71,1.71,0,1,1,10,11.72Zm0-3.94A2.23,2.23,0,0,0,7.77,10a2.17,2.17,0,0,0,.49,1.38c-.14.13-1.86,1.69-2,1.84a.37.37,0,1,0,.53.53c.15-.15,1.71-1.87,1.83-2a2.28,2.28,0,0,0,1.39.49,2.23,2.23,0,1,0,0-4.46Z"/></svg>
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M2.80005 8.75L7.47005 11.6687C7.79432 11.8714 8.20577 11.8714 8.53004 11.6687L13.2 8.75L14.6432 9.65201C15.2699 10.0437 15.2699 10.9563 14.6432 11.348L8.53004 15.1688C8.20577 15.3714 7.79432 15.3714 7.47005 15.1688L1.35684 11.348C0.730173 10.9563 0.730174 10.0437 1.35684 9.65201L2.80005 8.75Z" fill="#09B585"/>
+<path d="M7.47 1.33125L1.3568 5.152C0.730129 5.54367 0.730128 6.45633 1.3568 6.848L7.47 10.6688C7.79427 10.8714 8.20573 10.8714 8.53 10.6688L14.6432 6.848C15.2699 6.45633 15.2699 5.54367 14.6432 5.152L8.53 1.33125C8.20573 1.12858 7.79427 1.12858 7.47 1.33125Z" fill="#006088"/>
+</svg>

wpscan/tags/1.15.6/readme.txt

@@ -4 +4 @@
 Requires at least: 3.4
 Tested up to: 5.8
-Stable tag: 1.15.5
+Stable tag: 1.15.6
 Requires PHP: 5.5
 License: GPLv3
@@ -12 +12 @@
 
 == Description ==
+
+<strong>Please note:</strong> This plugin is no longer actively supported for non-enterprise customers. **We recommend using [Jetpack Protect](https://wordpress.org/plugins/jetpack-protect/)** - a free security plugin for WordPress that leverages the extensive database of WPScan. Jetpack Protect scans your site and warns you about vulnerabilities, keeping your site one step ahead of security threats and malware.
+
+---
 
 The WPScan WordPress security plugin is unique in that it uses its own manually curated [WPScan WordPress Vulnerability Database](https://wpscan.com/). The vulnerability database has been around since 2014 and is updated on a daily basis by dedicated WordPress security specialists and the community at large. The database includes more than 21,000 known security vulnerabilities. The plugin uses this database to scan for [WordPress vulnerabilities](https://wpscan.com/wordpresses), [plugin vulnerabilities](https://wpscan.com/plugins) and [theme vulnerabilities](https://wpscan.com/themes), and has the options to schedule automated daily scans and to send email notifications.
@@ -90 +94 @@
 
 == Changelog ==
+
+= 1.15.6 =
+* Added a notice mentioning Jetpack Protect
 
 = 1.15.5 =

wpscan/tags/1.15.6/security-checks/weak-passwords/check.php

@@ -68 +68 @@
     foreach ( $users as $user ) {
       $username = $user->user_login;
+
+      // Using login as password.
+      if ( wp_check_password( $username, $user->data->user_pass, $user->ID ) ) {
+        array_push( $found, $username );
+        continue;
+      }
       
       foreach ( $passwords as $password ) {

wpscan/tags/1.15.6/uninstall.php

@@ -18 +18 @@
                 }
             }
+            $all_user_ids = get_users( 'fields=ID' );
+            foreach ( $all_user_ids as $user_id ) {
+                delete_user_meta( $user_id, 'protect_notice_dismissed' );
+            }
         }
         restore_current_blog();
@@ -27 +31 @@
         }
     }
+    $all_user_ids = get_users( 'fields=ID' );
+    foreach ( $all_user_ids as $user_id ) {
+        delete_user_meta( $user_id, 'protect_notice_dismissed' );
+    }
 }

wpscan/tags/1.15.6/wpscan.php

@@ -4 +4 @@
  * Plugin URI:    http://wordpress.org/plugins/wpscan/
  * Description:   WPScan WordPress Security Scanner. Scans your system for security vulnerabilities listed in the WPScan Vulnerability Database.
- * Version:       1.15.5
+ * Version:       1.15.6
  * Author:        WPScan Team
  * Author URI:    https://wpscan.com/

wpscan/trunk/app/Plugin.php

@@ -54 +54 @@
     public $plugin_dir = '';
 
-    // Plugin URI.
-    public $plugin_url = '';
-
     // Page.
     public $page_hook = 'toplevel_page_wpscan';
@@ -75 +72 @@
     public function __construct() {
         $this->plugin_dir = trailingslashit( str_replace( '\\', '/', dirname( WPSCAN_PLUGIN_FILE ) ) );
-        $this->plugin_url = site_url( str_replace( str_replace( '\\', '/', ABSPATH ), '', $this->plugin_dir ) );
 
         // Languages.
@@ -86 +82 @@
         // Actions.
         add_action( 'admin_menu', array( $this, 'menu' ) );
+        add_action( 'admin_notices', array( $this, 'protect_notify' ) ); 
         add_action( 'admin_enqueue_scripts', array( $this, 'admin_enqueue' ) );
         add_action( 'admin_bar_menu', array( $this, 'admin_bar' ), 65 );
@@ -91 +88 @@
         add_action( $this->WPSCAN_RUN_ALL, array( $this, 'check_now' ) );
         add_action( 'in_admin_header', array( $this, 'deactivate_screen' ) );
+        add_action( 'wp_ajax_wpscan_dismiss_protect_notice', array( $this, 'ajax_wpscan_dismiss_protect_notice' ) );
 
         if ( defined( 'WPSCAN_API_TOKEN' ) ) {
@@ -194 +192 @@
         global $pagenow;
         $screen = get_current_screen();
+
+        wp_enqueue_script(
+            'wpscan-dismiss-protect-notice', 
+            plugins_url( 'assets/js/dismiss-protect.js', WPSCAN_PLUGIN_FILE ),
+            array( 'jquery' ),
+            $this->wpscan_plugin_version()
+        );
+
+        $localized = array(
+            'action_dismiss_protect_notice' => 'wpscan_dismiss_protect_notice',
+            'ajax_nonce'                    => wp_create_nonce( 'wpscan' ),
+            'ajaxurl'                       => admin_url( 'admin-ajax.php' ),
+        );
+
+        wp_localize_script( 'wpscan-dismiss-protect-notice', 'wpscan', $localized );
 
         if ( $hook === $this->page_hook || 'dashboard' === $screen->id ) {
@@ -239 +252 @@
             );
 
-            $localized = array(
-                'ajaxurl'               => admin_url( 'admin-ajax.php' ),
+            $localized += array(
                 'action_check'          => 'wpscan_check_now',
                 'action_security_check' => 'wpscan_security_check_now',
                 'action_cron'           => $this->WPSCAN_TRANSIENT_CRON,
-                'ajax_nonce'            => wp_create_nonce( 'wpscan' ),
                 'doing_cron'            => false !== as_next_scheduled_action( $this->WPSCAN_RUN_ALL ) ? 'YES' : 'NO',
                 'doing_security_cron'   => get_option( $this->WPSCAN_RUN_SECURITY ),
@@ -910 +921 @@
         delete_transient( $this->WPSCAN_TRANSIENT_CRON );
     }
+
+    /**
+     * Notify non-enterprise level users of Jetpack Protect
+     *
+     * @since 1.15.5 
+     * @access public
+     * @return void
+     */
+    public function protect_notify() {
+        $user_id = get_current_user_id();
+        $plan = $this->classes['account']->get_account_status()['plan'];
+        
+        if ( $plan === 'enterprise' || get_user_meta( $user_id, 'protect_notice_dismissed', true ) ) {
+            return;
+        }
+        
+        $screen = get_current_screen(); 
+        $protect_plugin_url = 'https://wordpress.org/plugins/jetpack-protect/';
+        $message = sprintf(
+            // Translators: 1 and 2 are the opening and closing <a> tags with the link to the Jetpack Protect plugin page on wordpress.org
+            __( 'The features of WPScan are now available within %1$sJetpack Protect%2$s', 'wpscan' ),
+            '<a href="' . esc_url( $protect_plugin_url ) . '" target="_blank">',
+            '</a>'
+        );
+
+        printf(
+            '<div class="notice notice-info protect-notice"><p>%s<a id="dismissible-protect-notice" href="#" style="float:right;">Dismiss</a></p></div>',
+            $message
+        );
+    }
+
+    /**
+     * Ajax dismiss Jetpack Protect notice
+     * 
+     * @since 1.15.5
+     * @access public
+     * @return void
+     */
+    public function ajax_wpscan_dismiss_protect_notice() {
+        $user_id = get_current_user_id();
+        check_ajax_referer( 'wpscan' );
+
+        add_user_meta( $user_id, 'protect_notice_dismissed', true, true );
+
+        wp_die();
+    }
 }

wpscan/trunk/app/SiteHealth.php

@@ -36 +36 @@
     public function add_site_health_tests( $tests ) {
         $tests['direct']['wpscan_check'] = array(
-            'label' => __( 'WPScan Vulnerabilities Check' ),
+            'label' => __( 'WPScan Vulnerabilities Check', 'wpscan' ),
             'test'  => array( $this, 'site_health_tests' ),
         );

wpscan/trunk/assets/svg/logo.svg

@@ -1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="159" height="45" viewBox="0 0 159 45">
-  <g fill="none">
-    <polyline fill="#069" points="29.277 33.719 9.857 22.506 .146 28.112 29.277 44.932 58.409 28.112 48.698 22.506 29.277 33.719"/>
-    <polyline fill="#3C9" points="48.698 22.506 58.409 16.9 29.277 .081 .146 16.9 9.857 22.506 29.277 11.293 48.698 22.506"/>
-    <path fill="#FFF" d="M48.6984848,22.5062122 L29.2774243,11.2934848 L9.85636368,22.5062122 L19.9818182,28.3522728 C18.7071212,29.5137878 17.4965152,30.6225758 17.2719697,30.8469697 C16.2375757,31.8813637 16.2375757,33.5021212 17.2719697,34.5365151 C17.7734848,35.0378788 18.429697,35.3142424 19.1198485,35.3142424 C19.12,35.3142424 19.12,35.3142424 19.12,35.3142424 C19.8060606,35.3142424 20.46,35.0380303 20.9616666,34.5365151 C21.2425758,34.2554546 22.9107576,32.4274243 24.3325758,30.8640909 L29.2774243,33.7190909 L48.6984848,22.5062122"/>
-    <path fill="#000" d="M33.2386364,22.5062122 C33.2384848,23.5212121 32.8521212,24.5362121 32.0796969,25.3090909 C31.3312121,26.0572728 30.3362122,26.4692425 29.2775757,26.4692425 L29.2774243,26.4692425 L29.2774243,25.4590909 L29.2775757,25.4592424 C30.0663636,25.4592424 30.8078788,25.1522727 31.3651516,24.595 C31.9409091,24.0189394 32.2287879,23.2625758 32.2289394,22.5062122 L33.2386364,22.5062122 Z M29.2771212,27.5034848 C27.949394,27.5033334 26.7004545,26.9859091 25.7610606,26.0466666 C24.8218182,25.1074242 24.304394,23.8584848 24.3042424,22.53 C24.3042424,19.7880303 26.535303,17.5569697 29.2775757,17.5568182 C30.6059091,17.5572727 31.8551515,18.0748485 32.7945454,19.0142424 C33.7337878,19.9533334 34.2509091,21.2021213 34.2509091,22.530303 C34.2509091,25.2718182 32.019697,27.5028788 29.2771212,27.5034848 Z M29.2774243,16.0416667 C25.6936363,16.0418182 22.7890909,18.9462121 22.7890909,22.5301515 C22.7892425,24.0565152 23.3177273,25.4586363 24.1998485,26.5666667 C23.7959091,26.9328788 18.7875758,31.4740909 18.3433334,31.9183333 C17.8804545,32.3812121 17.9162122,33.0380303 18.3433334,33.4651515 C18.7706061,33.8922727 19.4274242,33.9280303 19.8901516,33.4651515 C20.3345455,33.0209091 24.8763636,28.0118182 25.2419697,27.6086363 C26.349697,28.4903031 27.7515151,29.0184848 29.2775757,29.0186364 C32.8606061,29.0178788 35.7660606,26.1142424 35.7662121,22.530303 C35.7660606,18.9463637 32.8606061,16.0427273 29.2774243,16.0416667 L29.2774243,16.0416667 Z"/>
-    <polyline fill="#000" points="90.671 14.721 88.359 14.721 88.359 15.824 90.28 16.114 87.413 26.332 84.298 16.095 86.517 15.824 86.517 14.721 79.826 14.721 79.826 15.824 81.87 16.069 78.675 26.266 75.995 16.052 77.95 15.824 77.95 14.721 71.131 14.721 71.131 15.824 72.834 16.012 77.057 30.396 78.671 30.396 82.223 18.926 85.936 30.396 87.564 30.396 91.612 16.117 93.513 15.824 93.513 14.721 90.671 14.721"/>
-    <path fill="#000" d="M101.126061,23.0351515 L99.9803034,23.0351515 L99.9803034,21.9971212 C99.9803034,19.9516666 99.9828792,17.925 100.02303,15.9386364 L101.032273,15.9386364 C103.467272,15.9386364 104.674394,17.1495454 104.674394,19.3659091 C104.674394,21.5525758 103.599394,23.0351515 101.126061,23.0351515 Z M101.271363,14.7210606 L94.9231818,14.7210606 L94.9231818,15.8237878 L96.8966667,16.0386364 C96.9353028,18.0236363 96.9375762,20.0178787 96.9375762,21.9971212 L96.9375762,23.0154546 C96.9375762,25.0265152 96.9353028,27.019697 96.8971212,28.9739394 L94.9231818,29.1889394 L94.9231818,30.2915152 L102.167122,30.2915152 L102.167122,29.1889394 L100.018939,28.955 C99.9868185,27.32 99.9812124,25.7442424 99.9804546,24.2354545 L100.937576,24.2354545 C105.880757,24.2354545 107.645,22.0292424 107.645,19.3745454 C107.645,16.6025758 105.675757,14.7210606 101.271363,14.7210606 L101.271363,14.7210606 Z M119.694545,26.0892424 C119.694545,28.8589394 117.474546,30.6865151 113.85409,30.6865151 C112.093788,30.6865151 110.242576,30.2095454 109.025,29.4513637 L109.165909,26.0619697 L110.970455,26.0619697 L111.436515,28.8956061 C112.171819,29.235 112.870454,29.4010606 113.81803,29.4010606 C115.763485,29.4010606 116.949243,28.4028788 116.949243,26.8563636 C116.949243,25.4772727 116.189091,24.8569697 114.465909,24.145 L113.522273,23.7412121 C110.938637,22.6387879 109.321515,21.2601515 109.321515,18.7628788 C109.321515,16.0033333 111.598333,14.3260606 114.871819,14.3260606 C116.496212,14.3260606 117.929697,14.7930303 119.007727,15.5440909 L118.841212,18.7159091 L117.05394,18.7159091 L116.583484,16.0015152 C116.031818,15.7360606 115.481818,15.6115151 114.834394,15.6115151 C113.253637,15.6115151 112.023788,16.4924242 112.023788,18.0115151 C112.023788,19.3695455 112.874243,20.1259091 114.423788,20.7660606 L115.43394,21.1956061 C118.480454,22.4701515 119.694545,23.7969697 119.694545,26.0892424 L119.694545,26.0892424 Z M130.692425,27.1925758 L131.385,27.6981818 C130.613485,29.6289394 129.016667,30.6224242 126.801667,30.6224242 C123.594697,30.6224242 121.257424,28.4725758 121.257424,24.700606 C121.257424,20.9381818 123.968334,18.7233333 127.123333,18.7233333 C129.410455,18.7233333 131.147273,20.1434848 131.383485,21.9492424 C131.19697,22.665303 130.776212,22.9986364 130.06,22.9986364 C129.20803,22.9986364 128.670455,22.4775758 128.53197,21.3478788 L128.233636,19.945303 C127.941364,19.8865151 127.653333,19.8571212 127.365909,19.8571212 C125.677424,19.8571212 124.213485,21.2869697 124.213485,24.3775758 C124.213485,27.2056061 125.648031,28.7560607 127.733788,28.7560607 C128.974546,28.7560607 129.990606,28.1678788 130.692425,27.1925758 L130.692425,27.1925758 Z M137.395303,28.9072727 C136.462121,28.9072727 135.743939,28.3884848 135.743939,27.1790909 C135.743939,26.2831819 136.211212,25.4428788 137.789394,24.8109091 C138.187121,24.6401515 138.790303,24.4381819 139.436364,24.250606 L139.436364,27.9486364 C138.41591,28.6786363 138.004242,28.9072727 137.395303,28.9072727 Z M142.906061,29.1395454 C142.469697,29.1395454 142.209091,28.8415151 142.209091,28.0869697 L142.209091,22.964697 C142.209091,19.9127272 141.027273,18.7233333 138.308182,18.7233333 C135.435606,18.7233333 133.621212,19.9384849 133.338939,21.8084848 C133.455,22.49 133.925152,22.8678788 134.662272,22.8678788 C135.433788,22.8678788 135.992576,22.3631818 136.126364,21.2343939 L136.400909,19.9403031 C136.773485,19.8775758 137.092879,19.8571212 137.384546,19.8571212 C138.907727,19.8571212 139.436364,20.4462122 139.436364,22.6343939 L139.436364,23.3022727 C138.625606,23.5116667 137.801516,23.7490909 137.20197,23.9439394 C133.815758,25.0422727 132.999546,26.1587879 132.999546,27.6542424 C132.999546,29.5934848 134.345152,30.6224242 136.11,30.6224242 C137.599849,30.6224242 138.364242,29.9981818 139.524242,28.8192424 C139.792424,29.9193939 140.60303,30.5778788 141.84697,30.5778788 C142.963637,30.5778788 143.701515,30.1780303 144.265152,29.0878788 L143.718182,28.6233333 C143.451515,28.9715152 143.227273,29.1395454 142.906061,29.1395454 L142.906061,29.1395454 Z M158.407576,29.3322727 L158.407576,30.2915152 L152.604545,30.2915152 L152.604545,29.3322727 L154.092425,29.034697 C154.116667,27.8821212 154.127273,26.4113636 154.127273,25.3627273 L154.127273,23.1412121 C154.127273,21.3031818 153.659091,20.685 152.492424,20.685 C151.651516,20.685 150.778788,21.0713637 149.851516,21.8586363 L149.851516,25.3627273 C149.851516,26.384697 149.863637,27.8801515 149.886364,29.0466667 L151.272727,29.3322727 L151.272727,30.2915152 L145.477273,30.2915152 L145.477273,29.3322727 L146.992424,29.0328788 C147.015151,27.8684849 147.027272,26.3806061 147.027272,25.3627273 L147.027272,24.130303 C147.027272,22.839394 147.00303,22.2322728 146.956061,21.2934848 L145.30303,21.0824242 L145.30303,20.2092424 L149.227273,18.7233333 L149.604546,18.9668182 L149.772727,20.7771212 C150.992424,19.4034848 152.351515,18.7233333 153.765151,18.7233333 C155.792425,18.7233333 156.95303,20.010303 156.95303,22.9104545 L156.95303,25.3627273 C156.95303,26.4145454 156.963636,27.8909091 156.987878,29.0448485 L158.407576,29.3322727 L158.407576,29.3322727 Z"/>
-  </g>
+<svg width="159" height="40" viewBox="0 0 159 40" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M7.69395 21.2958L20.5264 29.316C21.4174 29.8729 22.548 29.8729 23.4391 29.316L36.2715 21.2958L40.2372 23.7743C41.9592 24.8506 41.9592 27.3584 40.2372 28.4347L23.4391 38.9335C22.548 39.4904 21.4174 39.4904 20.5264 38.9335L3.72826 28.4347C2.00627 27.3584 2.00627 24.8506 3.72826 23.7743L7.69395 21.2958Z" fill="#09B585"/>
+<path d="M20.5264 0.910221L3.72826 11.409C2.00628 12.4853 2.00628 14.9931 3.72826 16.0694L20.5264 26.5682C21.4174 27.1251 22.548 27.1251 23.4391 26.5682L40.2372 16.0694C41.9592 14.9931 41.9592 12.4853 40.2372 11.409L23.4391 0.910221C22.548 0.353319 21.4174 0.353318 20.5264 0.910221Z" fill="#006088"/>
+<path d="M60.393 28.913L55.0814 10.3493H59.3688L62.4416 23.2478H62.5957L65.9857 10.3493H69.6568L73.0378 23.275H73.2009L76.2737 10.3493H80.5611L75.2494 28.913H71.4243L67.8892 16.7759H67.7442L64.2182 28.913H60.393ZM82.4065 28.913V10.3493H89.7305C91.1385 10.3493 92.338 10.6182 93.329 11.156C94.32 11.6878 95.0754 12.428 95.5951 13.3767C96.1208 14.3194 96.3837 15.4071 96.3837 16.6399C96.3837 17.8726 96.1178 18.9604 95.586 19.903C95.0543 20.8457 94.2838 21.5799 93.2746 22.1057C92.2715 22.6314 91.0569 22.8943 89.6308 22.8943H84.9627V19.749H88.9963C89.7516 19.749 90.374 19.619 90.8635 19.3592C91.359 19.0933 91.7277 18.7277 91.9694 18.2624C92.2171 17.7911 92.341 17.2502 92.341 16.6399C92.341 16.0235 92.2171 15.4857 91.9694 15.0264C91.7277 14.5611 91.359 14.2016 90.8635 13.9478C90.368 13.688 89.7395 13.558 88.9781 13.558H86.3314V28.913H82.4065ZM108.748 15.6881C108.676 14.957 108.364 14.3889 107.815 13.9841C107.265 13.5792 106.518 13.3767 105.576 13.3767C104.935 13.3767 104.394 13.4674 103.953 13.6487C103.512 13.8239 103.174 14.0687 102.938 14.3829C102.708 14.6971 102.594 15.0536 102.594 15.4525C102.581 15.7848 102.651 16.0749 102.802 16.3226C102.959 16.5704 103.174 16.7849 103.446 16.9662C103.718 17.1415 104.032 17.2955 104.388 17.4285C104.745 17.5554 105.126 17.6642 105.53 17.7548L107.198 18.1536C108.008 18.3349 108.751 18.5766 109.428 18.8788C110.105 19.1809 110.691 19.5526 111.187 19.9937C111.682 20.4348 112.066 20.9545 112.338 21.5527C112.616 22.151 112.758 22.8369 112.764 23.6103C112.758 24.7464 112.468 25.7314 111.894 26.5653C111.325 27.3932 110.504 28.0367 109.428 28.496C108.358 28.9492 107.068 29.1758 105.558 29.1758C104.059 29.1758 102.754 28.9462 101.642 28.4869C100.536 28.0277 99.6718 27.3479 99.0494 26.4475C98.433 25.541 98.1097 24.4201 98.0795 23.0846H101.877C101.92 23.707 102.098 24.2267 102.412 24.6437C102.733 25.0546 103.159 25.3658 103.69 25.5773C104.228 25.7828 104.835 25.8855 105.512 25.8855C106.177 25.8855 106.754 25.7888 107.244 25.5954C107.739 25.4021 108.123 25.1331 108.395 24.7887C108.667 24.4443 108.803 24.0485 108.803 23.6013C108.803 23.1843 108.679 22.8338 108.431 22.5498C108.189 22.2658 107.833 22.0241 107.361 21.8247C106.896 21.6253 106.325 21.444 105.648 21.2808L103.627 20.7732C102.062 20.3925 100.826 19.7973 99.9196 18.9875C99.0131 18.1778 98.563 17.0871 98.569 15.7153C98.563 14.5914 98.8621 13.6094 99.4664 12.7694C100.077 11.9295 100.914 11.2738 101.977 10.8025C103.041 10.3311 104.249 10.0955 105.603 10.0955C106.981 10.0955 108.183 10.3311 109.21 10.8025C110.244 11.2738 111.048 11.9295 111.622 12.7694C112.196 13.6094 112.492 14.5823 112.51 15.6881H108.748ZM121.367 29.1849C119.94 29.1849 118.714 28.8827 117.686 28.2785C116.665 27.6681 115.88 26.8221 115.33 25.7405C114.786 24.6588 114.514 23.414 114.514 22.006C114.514 20.5798 114.789 19.329 115.339 18.2533C115.895 17.1717 116.683 16.3287 117.705 15.7244C118.726 15.1141 119.94 14.8089 121.348 14.8089C122.563 14.8089 123.627 15.0295 124.539 15.4706C125.452 15.9117 126.174 16.5311 126.705 17.3288C127.237 18.1264 127.53 19.0631 127.585 20.1387H123.941C123.838 19.4438 123.566 18.8848 123.125 18.4618C122.69 18.0328 122.119 17.8183 121.412 17.8183C120.814 17.8183 120.291 17.9814 119.844 18.3077C119.403 18.628 119.058 19.0963 118.81 19.7127C118.563 20.3291 118.439 21.0754 118.439 21.9516C118.439 22.8399 118.56 23.5952 118.801 24.2177C119.049 24.8401 119.397 25.3144 119.844 25.6407C120.291 25.9671 120.814 26.1302 121.412 26.1302C121.853 26.1302 122.249 26.0396 122.599 25.8583C122.956 25.677 123.249 25.4141 123.479 25.0697C123.714 24.7192 123.868 24.2992 123.941 23.8098H127.585C127.524 24.8733 127.234 25.8099 126.714 26.6197C126.201 27.4234 125.491 28.0519 124.584 28.5051C123.678 28.9583 122.605 29.1849 121.367 29.1849ZM133.772 29.1758C132.884 29.1758 132.092 29.0217 131.397 28.7135C130.702 28.3993 130.152 27.937 129.747 27.3267C129.348 26.7103 129.149 25.9429 129.149 25.0244C129.149 24.2509 129.291 23.6013 129.575 23.0756C129.859 22.5498 130.246 22.1268 130.735 21.8065C131.225 21.4863 131.781 21.2446 132.403 21.0814C133.032 20.9182 133.69 20.8034 134.379 20.737C135.189 20.6524 135.842 20.5738 136.337 20.5013C136.833 20.4227 137.192 20.3079 137.416 20.1568C137.639 20.0058 137.751 19.7822 137.751 19.4861V19.4317C137.751 18.8576 137.57 18.4135 137.207 18.0992C136.851 17.785 136.343 17.6279 135.684 17.6279C134.989 17.6279 134.437 17.782 134.026 18.0902C133.615 18.3923 133.343 18.773 133.21 19.2323L129.639 18.9422C129.82 18.0962 130.176 17.365 130.708 16.7487C131.24 16.1262 131.926 15.6489 132.766 15.3165C133.612 14.9781 134.591 14.8089 135.703 14.8089C136.476 14.8089 137.216 14.8995 137.923 15.0808C138.636 15.2621 139.268 15.5431 139.818 15.9238C140.374 16.3045 140.812 16.794 141.132 17.3922C141.452 17.9844 141.612 18.6945 141.612 19.5223V28.913H137.951V26.9823H137.842C137.618 27.4174 137.319 27.8011 136.944 28.1334C136.57 28.4597 136.12 28.7166 135.594 28.9039C135.068 29.0852 134.461 29.1758 133.772 29.1758ZM134.878 26.5109C135.446 26.5109 135.947 26.3991 136.382 26.1755C136.817 25.9459 137.159 25.6377 137.407 25.251C137.654 24.8642 137.778 24.4261 137.778 23.9367V22.4592C137.657 22.5377 137.491 22.6103 137.28 22.6767C137.074 22.7372 136.842 22.7946 136.582 22.8489C136.322 22.8973 136.062 22.9426 135.802 22.9849C135.542 23.0212 135.307 23.0544 135.095 23.0846C134.642 23.1511 134.246 23.2568 133.908 23.4019C133.569 23.5469 133.307 23.7433 133.119 23.991C132.932 24.2328 132.838 24.5349 132.838 24.8975C132.838 25.4232 133.029 25.8251 133.409 26.103C133.796 26.375 134.285 26.5109 134.878 26.5109ZM148.214 20.8639V28.913H144.353V14.9902H148.033V17.4466H148.196C148.504 16.6369 149.021 15.9963 149.746 15.525C150.471 15.0476 151.351 14.8089 152.384 14.8089C153.351 14.8089 154.194 15.0204 154.913 15.4434C155.632 15.8664 156.191 16.4707 156.59 17.2563C156.989 18.0358 157.188 18.9664 157.188 20.0481V28.913H153.327V20.737C153.333 19.8849 153.115 19.2202 152.674 18.7428C152.233 18.2594 151.626 18.0177 150.852 18.0177C150.332 18.0177 149.873 18.1295 149.474 18.353C149.082 18.5766 148.773 18.9029 148.55 19.332C148.332 19.755 148.22 20.2656 148.214 20.8639Z" fill="black"/>
 </svg>

wpscan/trunk/assets/svg/menu-icon.svg

@@ -1 @@
-<svg id="Layer_1_copy" data-name="Layer 1 copy" xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 20 20"><defs><style>.cls-1{fill:#a0a5aa;}</style></defs><title>Artboard 2</title><polyline class="cls-1" points="16.67 10 20 8.08 10 2.3 0 8.08 3.33 10 10 6.15 16.67 10"/><path class="cls-1" d="M16.67,10l-4.2,2.42L10,13.85l-.51-.3L8.3,12.87,7.15,14.13a.93.93,0,0,1-.64.27.9.9,0,0,1-.63-.27.88.88,0,0,1,0-1.27L6.81,12,3.33,10,0,11.92,10,17.7l10-5.78Z"/><path class="cls-1" d="M11.36,10A1.37,1.37,0,0,1,10,11.36h0V11h0a1,1,0,0,0,.72-.29A1,1,0,0,0,11,10ZM10,11.72a1.72,1.72,0,0,1-1.21-.5A1.74,1.74,0,0,1,8.29,10,1.71,1.71,0,1,1,10,11.72Zm0-3.94A2.23,2.23,0,0,0,7.77,10a2.17,2.17,0,0,0,.49,1.38c-.14.13-1.86,1.69-2,1.84a.37.37,0,1,0,.53.53c.15-.15,1.71-1.87,1.83-2a2.28,2.28,0,0,0,1.39.49,2.23,2.23,0,1,0,0-4.46Z"/></svg>
+<svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path fill-rule="evenodd" clip-rule="evenodd" d="M2.80005 8.75L7.47005 11.6687C7.79432 11.8714 8.20577 11.8714 8.53004 11.6687L13.2 8.75L14.6432 9.65201C15.2699 10.0437 15.2699 10.9563 14.6432 11.348L8.53004 15.1688C8.20577 15.3714 7.79432 15.3714 7.47005 15.1688L1.35684 11.348C0.730173 10.9563 0.730174 10.0437 1.35684 9.65201L2.80005 8.75Z" fill="#09B585"/>
+<path d="M7.47 1.33125L1.3568 5.152C0.730129 5.54367 0.730128 6.45633 1.3568 6.848L7.47 10.6688C7.79427 10.8714 8.20573 10.8714 8.53 10.6688L14.6432 6.848C15.2699 6.45633 15.2699 5.54367 14.6432 5.152L8.53 1.33125C8.20573 1.12858 7.79427 1.12858 7.47 1.33125Z" fill="#006088"/>
+</svg>

wpscan/trunk/readme.txt

@@ -4 +4 @@
 Requires at least: 3.4
 Tested up to: 5.8
-Stable tag: 1.15.5
+Stable tag: 1.15.6
 Requires PHP: 5.5
 License: GPLv3
@@ -12 +12 @@
 
 == Description ==
+
+<strong>Please note:</strong> This plugin is no longer actively supported for non-enterprise customers. **We recommend using [Jetpack Protect](https://wordpress.org/plugins/jetpack-protect/)** - a free security plugin for WordPress that leverages the extensive database of WPScan. Jetpack Protect scans your site and warns you about vulnerabilities, keeping your site one step ahead of security threats and malware.
+
+---
 
 The WPScan WordPress security plugin is unique in that it uses its own manually curated [WPScan WordPress Vulnerability Database](https://wpscan.com/). The vulnerability database has been around since 2014 and is updated on a daily basis by dedicated WordPress security specialists and the community at large. The database includes more than 21,000 known security vulnerabilities. The plugin uses this database to scan for [WordPress vulnerabilities](https://wpscan.com/wordpresses), [plugin vulnerabilities](https://wpscan.com/plugins) and [theme vulnerabilities](https://wpscan.com/themes), and has the options to schedule automated daily scans and to send email notifications.
@@ -90 +94 @@
 
 == Changelog ==
+
+= 1.15.6 =
+* Added a notice mentioning Jetpack Protect
 
 = 1.15.5 =

wpscan/trunk/security-checks/weak-passwords/check.php

@@ -68 +68 @@
     foreach ( $users as $user ) {
       $username = $user->user_login;
+
+      // Using login as password.
+      if ( wp_check_password( $username, $user->data->user_pass, $user->ID ) ) {
+        array_push( $found, $username );
+        continue;
+      }
       
       foreach ( $passwords as $password ) {

wpscan/trunk/uninstall.php

@@ -18 +18 @@
                 }
             }
+            $all_user_ids = get_users( 'fields=ID' );
+            foreach ( $all_user_ids as $user_id ) {
+                delete_user_meta( $user_id, 'protect_notice_dismissed' );
+            }
         }
         restore_current_blog();
@@ -27 +31 @@
         }
     }
+    $all_user_ids = get_users( 'fields=ID' );
+    foreach ( $all_user_ids as $user_id ) {
+        delete_user_meta( $user_id, 'protect_notice_dismissed' );
+    }
 }

wpscan/trunk/wpscan.php

@@ -4 +4 @@
  * Plugin URI:    http://wordpress.org/plugins/wpscan/
  * Description:   WPScan WordPress Security Scanner. Scans your system for security vulnerabilities listed in the WPScan Vulnerability Database.
- * Version:       1.15.5
+ * Version:       1.15.6
  * Author:        WPScan Team
  * Author URI:    https://wpscan.com/