Changeset 2982148

Timestamp:

10/22/2023 03:25:10 AM (2 years ago)

Author:

miguelxavierpenha

Message:

New 1.15.7 version release

Location:

wpscan

Files:

• tags/1.15.7 (copied) (copied from wpscan/trunk)
• tags/1.15.7/app/Plugin.php (modified) (2 diffs)
• tags/1.15.7/readme.txt (modified) (2 diffs)
• tags/1.15.7/wpscan.php (modified) (1 diff)
• trunk/app/Plugin.php (modified) (2 diffs)
• trunk/readme.txt (modified) (2 diffs)
• trunk/wpscan.php (modified) (1 diff)

wpscan/tags/1.15.7/app/Plugin.php

@@ -755 +755 @@
         // Trim and remove potential leading 'v'.
         $version = ltrim( trim( $version ), 'v' );
+        $version = $this->normalize_version( $version );
 
         foreach ( $data->$key->vulnerabilities as $item ) {
+            if ( $item->introduced_in ) {
+                if ( version_compare( $version, $item->introduced_in, '<' ) ) {
+                    continue;
+                }
+            }
+
             if ( $item->fixed_in ) {
                 if ( version_compare( $version, $item->fixed_in, '<' ) ) {
@@ -923 +930 @@
 
     /**
+     * Normalizes version numbers
+     *
+     * @since 1.15.7
+     * @access public
+     * @return string
+     */
+    public function normalize_version( $version ) {
+        if ( preg_match( '/(\.?\d+)+/', $version, $matches ) ) {
+            $version_string = $matches[0];
+        } else {
+            $version_string = '';
+        }
+
+        // if the version string looks like .5 then make it 0.5
+        if ( isset( $version_string[0] ) && $version_string[0] === '.' ) {
+            $version_string = '0' . $version_string;
+        }
+
+        return $version_string;
+    }
+
+    /**
      * Notify non-enterprise level users of Jetpack Protect
      *

wpscan/tags/1.15.7/readme.txt

@@ -3 +3 @@
 Tags: wpscan, wpvulndb, security, vulnerability, hack, scan, exploit, secure, alerts
 Requires at least: 3.4
-Tested up to: 6.1.1 
-Stable tag: 1.15.6
+Tested up to: 6.3.2
+Stable tag: 1.15.7
 Requires PHP: 5.5
 License: GPLv3
@@ -93 +93 @@
 == Changelog ==
 
+= 1.15.7 =
+* Fix the way the plugin handles extension versions to be more accurate.
+
 = 1.15.6 =
-* Added a notice mentioning Jetpack Protect
+* Added a notice pointing regular users to Jetpack Protect
 
 = 1.15.5 =

wpscan/tags/1.15.7/wpscan.php

@@ -4 +4 @@
  * Plugin URI:    http://wordpress.org/plugins/wpscan/
  * Description:   WPScan WordPress Security Scanner. Scans your system for security vulnerabilities listed in the WPScan Vulnerability Database.
- * Version:       1.15.6
+ * Version:       1.15.7
  * Author:        WPScan Team
  * Author URI:    https://wpscan.com/

wpscan/trunk/app/Plugin.php

@@ -755 +755 @@
         // Trim and remove potential leading 'v'.
         $version = ltrim( trim( $version ), 'v' );
+        $version = $this->normalize_version( $version );
 
         foreach ( $data->$key->vulnerabilities as $item ) {
+            if ( $item->introduced_in ) {
+                if ( version_compare( $version, $item->introduced_in, '<' ) ) {
+                    continue;
+                }
+            }
+
             if ( $item->fixed_in ) {
                 if ( version_compare( $version, $item->fixed_in, '<' ) ) {
@@ -923 +930 @@
 
     /**
+     * Normalizes version numbers
+     *
+     * @since 1.15.7
+     * @access public
+     * @return string
+     */
+    public function normalize_version( $version ) {
+        if ( preg_match( '/(\.?\d+)+/', $version, $matches ) ) {
+            $version_string = $matches[0];
+        } else {
+            $version_string = '';
+        }
+
+        // if the version string looks like .5 then make it 0.5
+        if ( isset( $version_string[0] ) && $version_string[0] === '.' ) {
+            $version_string = '0' . $version_string;
+        }
+
+        return $version_string;
+    }
+
+    /**
      * Notify non-enterprise level users of Jetpack Protect
      *

wpscan/trunk/readme.txt

@@ -3 +3 @@
 Tags: wpscan, wpvulndb, security, vulnerability, hack, scan, exploit, secure, alerts
 Requires at least: 3.4
-Tested up to: 6.1.1 
-Stable tag: 1.15.6
+Tested up to: 6.3.2
+Stable tag: 1.15.7
 Requires PHP: 5.5
 License: GPLv3
@@ -93 +93 @@
 == Changelog ==
 
+= 1.15.7 =
+* Fix the way the plugin handles extension versions to be more accurate.
+
 = 1.15.6 =
-* Added a notice mentioning Jetpack Protect
+* Added a notice pointing regular users to Jetpack Protect
 
 = 1.15.5 =

wpscan/trunk/wpscan.php

@@ -4 +4 @@
  * Plugin URI:    http://wordpress.org/plugins/wpscan/
  * Description:   WPScan WordPress Security Scanner. Scans your system for security vulnerabilities listed in the WPScan Vulnerability Database.
- * Version:       1.15.6
+ * Version:       1.15.7
  * Author:        WPScan Team
  * Author URI:    https://wpscan.com/