Detection of the wp-content directory improved

lib/wpscan/wp_target.rb

@@ -84,10 +84,10 @@ class WpTarget
     unless @wp_content_dir
       index_body = Browser.instance.get(@uri.to_s).body
 
-      if index_body[%r{/wp-content/themes/}i]
+      if index_body[%r{/wp-content/(?:themes|plugins)/}i]
         @wp_content_dir = "wp-content"
       else
-        @wp_content_dir = index_body[%r{(?:href|src)=(?:"|')#{@uri}/?(.*)/themes/.*(?:"|')}i, 1]
+        @wp_content_dir = index_body[%r{(?:href|src)=(?:"|')#{@uri}/?([^"']+)/(?:themes|plugins)/.*(?:"|')}i, 1]
       end
     end
     @wp_content_dir

spec/fixtures/wpscan/wp_target/wp_content_dir/wordpress-3.4.1-in-plugins.htm

@@ -0,0 +1,8 @@
+<html xmlns="http://www.w3.org/1999/xhtml">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <link rel="stylesheet" type="text/css" href="http://wordpress-3.4.1/wp-content/plugins/wp-turbo/turbo.css" media="screen" />
+    <title>Hello</title>
+  </head>
+  <body />
+</html>

spec/lib/wpscan/wp_target_spec.rb

@@ -121,6 +121,12 @@ describe WpTarget do
       @expected   = "wp-content"
     end
 
+    it "should find the location even if the src or href goes in the plugins dir" do
+      @target_url = "http://wordpress-3.4.1-in-plugins.htm"
+      @fixture    = fixtures_dir + "/wordpress-3.4.1-in-plugins.htm"
+      @expected   = "wp-content"
+    end
+
   end
 
   describe "#wp_plugins_dir" do