Checks the potential introduced_in version

2021-03-22 11:35:11 +01:00
parent b0e946ee29
commit 4d00d97be9
4 changed files with 110 additions and 36 deletions
--- a/app/models/wp_item.rb
+++ b/app/models/wp_item.rb
@@ -53,7 +53,9 @@ module WPScan
      #
      # @return [ Boolean ]
      def vulnerable_to?(vuln)
-        return true unless version && vuln && vuln.fixed_in && !vuln.fixed_in.empty?
+        return false if version && vuln&.introduced_in && version < vuln.introduced_in
+
+        return true unless version && vuln&.fixed_in && !vuln.fixed_in.empty?

        version < vuln.fixed_in
      end