From 4ea2555e7b1ee8761bb8383f36915804616e2361 Mon Sep 17 00:00:00 2001
From: Christian Mehlmauer <firefart@gmail.com>
Date: Sun, 16 Sep 2012 10:29:28 +0200
Subject: [PATCH] bugfixing

---
 doc/WpDetector.html                           | 16 ++++-
 doc/WpEnumerator.html                         |  2 +-
 doc/WpItem.html                               | 68 ++++++++++++++-----
 doc/WpLoginProtection.html                    |  2 +-
 doc/WpPlugin.html                             | 32 +++++++--
 doc/WpPlugins.html                            | 56 ++++++++++++++-
 doc/WpTarget.html                             |  2 +-
 doc/WpTheme.html                              | 64 ++++++++++++-----
 doc/WpscanOptions.html                        | 41 +++++------
 doc/created.rid                               | 26 +++----
 doc/index.html                                | 52 +++++++-------
 doc/lib/wpscan/modules/wp_item_rb.html        |  2 +-
 .../modules/wp_login_protection_rb.html       |  2 +-
 doc/lib/wpscan/modules/wp_plugins_rb.html     |  2 +-
 doc/lib/wpscan/wp_detector_rb.html            |  2 +-
 doc/lib/wpscan/wp_enumerator_rb.html          |  2 +-
 doc/lib/wpscan/wp_plugin_rb.html              |  2 +-
 doc/lib/wpscan/wp_target_rb.html              |  2 +-
 doc/lib/wpscan/wp_theme_rb.html               |  2 +-
 doc/lib/wpscan/wpscan_options_rb.html         |  2 +-
 doc/lib/wpstools/parse_svn_rb.html            |  2 +-
 doc/wpscan_rb.html                            |  2 +-
 lib/wpscan/modules/wp_item.rb                 |  4 +-
 lib/wpscan/modules/wp_login_protection.rb     |  2 +-
 lib/wpscan/modules/wp_plugins.rb              |  2 +-
 lib/wpscan/modules/wp_themes.rb               |  2 +-
 lib/wpscan/wp_detector.rb                     |  2 +-
 lib/wpscan/wp_enumerator.rb                   |  2 +-
 lib/wpscan/wp_plugin.rb                       |  4 +-
 lib/wpscan/wp_theme.rb                        |  4 +-
 wpscan.rb                                     |  2 +-
 31 files changed, 281 insertions(+), 126 deletions(-)

diff --git a/doc/WpDetector.html b/doc/WpDetector.html
index ebd52250..d7f07f8b 100644
--- a/doc/WpDetector.html
+++ b/doc/WpDetector.html
@@ -237,7 +237,17 @@
 
   <span class="ruby-identifier">enum_results</span> = <span class="ruby-constant">WpEnumerator</span>.<span class="ruby-identifier">enumerate</span>(<span class="ruby-identifier">options</span>)
   <span class="ruby-identifier">enum_results</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">enum_result</span><span class="ruby-operator">|</span>
-    <span class="ruby-identifier">result</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">enum_result</span>
+    <span class="ruby-identifier">already_present</span> = <span class="ruby-keyword">false</span>
+    <span class="ruby-identifier">result</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">r</span><span class="ruby-operator">|</span>
+      <span class="ruby-comment"># Already found via passive detection</span>
+      <span class="ruby-keyword">if</span> <span class="ruby-identifier">r</span>.<span class="ruby-identifier">name</span> <span class="ruby-operator">==</span> <span class="ruby-identifier">enum_result</span>.<span class="ruby-identifier">name</span>
+        <span class="ruby-identifier">already_present</span> = <span class="ruby-keyword">true</span>
+        <span class="ruby-keyword">break</span>
+      <span class="ruby-keyword">end</span>
+    <span class="ruby-keyword">end</span>
+    <span class="ruby-keyword">if</span> <span class="ruby-keyword">not</span> <span class="ruby-identifier">already_present</span>
+      <span class="ruby-identifier">result</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-identifier">enum_result</span>
+    <span class="ruby-keyword">end</span>
   <span class="ruby-keyword">end</span>
   <span class="ruby-identifier">result</span>
 <span class="ruby-keyword">end</span></pre>
@@ -274,7 +284,7 @@
             
             <div class="method-source-code" id="passive_detection-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wp_detector.rb, line 40</span>
+<span class="ruby-comment"># File lib/wpscan/wp_detector.rb, line 50</span>
 <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">passive_detection</span>(<span class="ruby-identifier">url</span>, <span class="ruby-identifier">type</span>, <span class="ruby-identifier">wp_content_dir</span>)
   <span class="ruby-identifier">items</span>         = []
   <span class="ruby-identifier">response</span>      = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">url</span>)
@@ -288,7 +298,7 @@
   <span class="ruby-identifier">names</span>.<span class="ruby-identifier">uniq!</span>
 
   <span class="ruby-identifier">names</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">item</span><span class="ruby-operator">|</span>
-    <span class="ruby-identifier">items</span> <span class="ruby-operator">&lt;&lt;</span> { <span class="ruby-value">:base_url</span> =<span class="ruby-operator">&gt;</span>  <span class="ruby-identifier">url</span>, <span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>, <span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-node">&quot;#{type}/#{item}&quot;</span> }
+    <span class="ruby-identifier">items</span> <span class="ruby-operator">&lt;&lt;</span> { <span class="ruby-value">:url</span> =<span class="ruby-operator">&gt;</span>  <span class="ruby-identifier">url</span>, <span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>, <span class="ruby-value">:path</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-node">&quot;#{type}/#{item}&quot;</span> }
   <span class="ruby-keyword">end</span>
   <span class="ruby-identifier">items</span>
 <span class="ruby-keyword">end</span></pre>
diff --git a/doc/WpEnumerator.html b/doc/WpEnumerator.html
index 1479d2a8..5a12e907 100644
--- a/doc/WpEnumerator.html
+++ b/doc/WpEnumerator.html
@@ -226,7 +226,7 @@
 <ul><li>
 <p><tt>targets</tt> - targets to enumerate</p>
 </li><li><ul><li>
-<p><tt>:base_url</tt> - Base URL</p>
+<p><tt>:url</tt> - Base URL</p>
 </li></ul>
 </li><li><ul><li>
 <p><tt>:wp_content</tt> - wp-content directory</p>
diff --git a/doc/WpItem.html b/doc/WpItem.html
index a5846a4a..fbc54d34 100644
--- a/doc/WpItem.html
+++ b/doc/WpItem.html
@@ -67,6 +67,8 @@
           
           <li><a href="#method-i-get_url">#get_url</a></li>
           
+          <li><a href="#method-i-get_url_without_filename">#get_url_without_filename</a></li>
+          
           <li><a href="#method-i-location_uri_from_file_url">#location_uri_from_file_url</a></li>
           
           <li><a href="#method-i-to_s">#to_s</a></li>
@@ -209,13 +211,13 @@
         <h3 class="section-header">Attributes</h3>
 
         
-        <div id="base_url-attribute-method" class="method-detail">
-          <a name="base_url"></a>
+        <div id="path-attribute-method" class="method-detail">
+          <a name="path"></a>
           
-          <a name="base_url="></a>
+          <a name="path="></a>
           
           <div class="method-heading attribute-method-heading">
-            <span class="method-name">base_url</span><span
+            <span class="method-name">path</span><span
               class="attribute-access-type">[RW]</span>
           </div>
 
@@ -226,13 +228,13 @@
           </div>
         </div>
         
-        <div id="path-attribute-method" class="method-detail">
-          <a name="path"></a>
+        <div id="url-attribute-method" class="method-detail">
+          <a name="url"></a>
           
-          <a name="path="></a>
+          <a name="url="></a>
           
           <div class="method-heading attribute-method-heading">
-            <span class="method-name">path</span><span
+            <span class="method-name">url</span><span
               class="attribute-access-type">[RW]</span>
           </div>
 
@@ -288,7 +290,7 @@
             
             <div class="method-source-code" id="3C-3D-3E-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 54</span>
+<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 59</span>
 <span class="ruby-keyword">def</span> <span class="ruby-operator">&lt;=&gt;</span>(<span class="ruby-identifier">item</span>)
   <span class="ruby-identifier">item</span>.<span class="ruby-identifier">name</span> <span class="ruby-operator">&lt;=&gt;</span> <span class="ruby-ivar">@name</span>
 <span class="ruby-keyword">end</span></pre>
@@ -321,7 +323,7 @@
             
             <div class="method-source-code" id="3D-3D-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 50</span>
+<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 55</span>
 <span class="ruby-keyword">def</span> <span class="ruby-operator">==</span>(<span class="ruby-identifier">item</span>)
   <span class="ruby-identifier">item</span>.<span class="ruby-identifier">name</span> <span class="ruby-operator">==</span> <span class="ruby-ivar">@name</span>
 <span class="ruby-keyword">end</span></pre>
@@ -354,7 +356,7 @@
             
             <div class="method-source-code" id="directory_listing-3F-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 36</span>
+<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 41</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">directory_listing?</span>
   <span class="ruby-comment"># Need to remove to file part from the url</span>
   <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">location_uri_from_file_url</span>(<span class="ruby-identifier">get_url</span>.<span class="ruby-identifier">to_s</span>)).<span class="ruby-identifier">body</span>[<span class="ruby-regexp">%{&lt;title&gt;Index of}</span>] <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
@@ -388,7 +390,7 @@
             
             <div class="method-source-code" id="extract_name_from_url-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 41</span>
+<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 46</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">extract_name_from_url</span>(<span class="ruby-identifier">url</span>)
   <span class="ruby-identifier">url</span>.<span class="ruby-identifier">to_s</span>[<span class="ruby-regexp">%{^(https?://.*/([^/]+)/)}</span>, <span class="ruby-value">2</span>]
 <span class="ruby-keyword">end</span></pre>
@@ -423,7 +425,7 @@
 <pre>
 <span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 23</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">get_url</span>
-  <span class="ruby-constant">URI</span>.<span class="ruby-identifier">parse</span>(<span class="ruby-node">&quot;#{@base_url.to_s}#@wp_content_dir/#@path&quot;</span>)
+  <span class="ruby-constant">URI</span>.<span class="ruby-identifier">parse</span>(<span class="ruby-node">&quot;#{@url.to_s}#@wp_content_dir/#@path&quot;</span>)
 <span class="ruby-keyword">end</span></pre>
             </div><!-- get_url-source -->
             
@@ -435,6 +437,40 @@
         </div><!-- get_url-method -->
 
       
+        <div id="get_url_without_filename-method" class="method-detail ">
+          <a name="method-i-get_url_without_filename"></a>
+
+          
+          <div class="method-heading">
+            <span class="method-name">get_url_without_filename</span><span
+              class="method-args">()</span>
+            <span class="method-click-advice">click to toggle source</span>
+          </div>
+          
+
+          <div class="method-description">
+            
+            
+            
+
+            
+            <div class="method-source-code" id="get_url_without_filename-source">
+<pre>
+<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 27</span>
+<span class="ruby-keyword">def</span> <span class="ruby-identifier">get_url_without_filename</span>
+  <span class="ruby-identifier">uri</span> = <span class="ruby-identifier">get_url</span>
+  <span class="ruby-constant">URI</span>.<span class="ruby-identifier">parse</span>(<span class="ruby-node">&quot;#{uri.scheme}://#{uri.host}#{File.dirname(uri.path)}&quot;</span>)
+<span class="ruby-keyword">end</span></pre>
+            </div><!-- get_url_without_filename-source -->
+            
+          </div>
+
+          
+
+          
+        </div><!-- get_url_without_filename-method -->
+
+      
         <div id="location_uri_from_file_url-method" class="method-detail ">
           <a name="method-i-location_uri_from_file_url"></a>
 
@@ -454,7 +490,7 @@
             
             <div class="method-source-code" id="location_uri_from_file_url-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 58</span>
+<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 63</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">location_uri_from_file_url</span>(<span class="ruby-identifier">location_url</span>)
   <span class="ruby-identifier">valid_location_url</span> = <span class="ruby-identifier">location_url</span>[<span class="ruby-regexp">%{^(https?://.*/)[^.]+\.[^/]+$}</span>, <span class="ruby-value">1</span>]
   <span class="ruby-keyword">unless</span> <span class="ruby-identifier">valid_location_url</span>
@@ -491,7 +527,7 @@
             
             <div class="method-source-code" id="to_s-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 45</span>
+<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 50</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">to_s</span>
   <span class="ruby-identifier">item_version</span> = <span class="ruby-identifier">version</span>
   <span class="ruby-node">&quot;#@name#{' v' + item_version if item_version}&quot;</span>
@@ -525,7 +561,7 @@
             
             <div class="method-source-code" id="version-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 27</span>
+<span class="ruby-comment"># File lib/wpscan/modules/wp_item.rb, line 32</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">version</span>
   <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@version</span>
     <span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">get_url</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;readme.txt&quot;</span>).<span class="ruby-identifier">to_s</span>)
diff --git a/doc/WpLoginProtection.html b/doc/WpLoginProtection.html
index d7effa5c..59cfbdfc 100644
--- a/doc/WpLoginProtection.html
+++ b/doc/WpLoginProtection.html
@@ -288,7 +288,7 @@ found</p>
 
         <span class="ruby-keyword">return</span> <span class="ruby-ivar">@login_protection_plugin</span> = <span class="ruby-constant">WpPlugin</span>.<span class="ruby-identifier">new</span>(
             <span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">plugin_name</span>,
-            <span class="ruby-value">:base_url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>
+            <span class="ruby-value">:url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-ivar">@uri</span>.<span class="ruby-identifier">to_s</span>
         )
       <span class="ruby-keyword">end</span>
     <span class="ruby-keyword">end</span>
diff --git a/doc/WpPlugin.html b/doc/WpPlugin.html
index 2d56f801..887b02c4 100644
--- a/doc/WpPlugin.html
+++ b/doc/WpPlugin.html
@@ -214,6 +214,28 @@
       
 
       
+      <!-- Attributes -->
+      <div id="attribute-method-details" class="method-section section">
+        <h3 class="section-header">Attributes</h3>
+
+        
+        <div id="name-attribute-method" class="method-detail">
+          <a name="name"></a>
+          
+          <div class="method-heading attribute-method-heading">
+            <span class="method-name">name</span><span
+              class="attribute-access-type">[R]</span>
+          </div>
+
+          <div class="method-description">
+          
+          
+          
+          </div>
+        </div>
+        
+      </div><!-- attribute-method-details -->
+      
 
       <!-- Methods -->
       
@@ -240,9 +262,9 @@
             
             <div class="method-source-code" id="new-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 24</span>
+<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 26</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">options</span> = {})
-  <span class="ruby-ivar">@base_url</span>       = <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>]
+  <span class="ruby-ivar">@url</span>            = <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>]
   <span class="ruby-ivar">@path</span>           = <span class="ruby-identifier">options</span>[<span class="ruby-value">:path</span>]
   <span class="ruby-ivar">@wp_content_dir</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>]
   <span class="ruby-ivar">@name</span>           = <span class="ruby-identifier">options</span>[<span class="ruby-value">:name</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">extract_name_from_url</span>(<span class="ruby-identifier">get_url</span>)
@@ -250,7 +272,7 @@
   <span class="ruby-ivar">@vulns_xpath</span>    = <span class="ruby-node">&quot;//plugin[@name='#@name']/vulnerability&quot;</span>
   <span class="ruby-ivar">@version</span>        = <span class="ruby-keyword">nil</span>
 
-  <span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;base_url not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@base_url</span>
+  <span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;url not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@url</span>
   <span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;path not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@path</span>
   <span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;wp_content_dir not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@wp_content_dir</span>
   <span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;name not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@name</span>
@@ -294,7 +316,7 @@ href="http://www.exploit-db.com/ghdb/3714/">www.exploit-db.com/ghdb/3714/</a></p
             
             <div class="method-source-code" id="error_log-3F-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 45</span>
+<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 47</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">error_log?</span>
   <span class="ruby-identifier">response_body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">error_log_url</span>(), <span class="ruby-value">:headers</span> =<span class="ruby-operator">&gt;</span> { <span class="ruby-string">&quot;range&quot;</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;bytes=0-700&quot;</span>}).<span class="ruby-identifier">body</span>
   <span class="ruby-identifier">response_body</span>[<span class="ruby-regexp">%{PHP Fatal error}</span>] <span class="ruby-operator">?</span> <span class="ruby-keyword">true</span> <span class="ruby-operator">:</span> <span class="ruby-keyword">false</span>
@@ -328,7 +350,7 @@ href="http://www.exploit-db.com/ghdb/3714/">www.exploit-db.com/ghdb/3714/</a></p
             
             <div class="method-source-code" id="error_log_url-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 50</span>
+<span class="ruby-comment"># File lib/wpscan/wp_plugin.rb, line 52</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">error_log_url</span>
   <span class="ruby-identifier">get_url</span>.<span class="ruby-identifier">merge</span>(<span class="ruby-string">&quot;error_log&quot;</span>).<span class="ruby-identifier">to_s</span>
 <span class="ruby-keyword">end</span></pre>
diff --git a/doc/WpPlugins.html b/doc/WpPlugins.html
index 8f521524..c4d96623 100644
--- a/doc/WpPlugins.html
+++ b/doc/WpPlugins.html
@@ -59,6 +59,8 @@
           
           <li><a href="#method-i-plugins_from_aggressive_detection">#plugins_from_aggressive_detection</a></li>
           
+          <li><a href="#method-i-plugins_from_passive_detection">#plugins_from_passive_detection</a></li>
+          
         </ul>
       </div>
       
@@ -226,7 +228,7 @@
   <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xpath_2</span>] = <span class="ruby-string">&quot;//plugin&quot;</span>
   <span class="ruby-identifier">options</span>[<span class="ruby-value">:type</span>]          = <span class="ruby-string">&quot;plugins&quot;</span>
   <span class="ruby-identifier">result</span> = <span class="ruby-constant">WpDetector</span>.<span class="ruby-identifier">aggressive_detection</span>(<span class="ruby-identifier">options</span>)
-  <span class="ruby-identifier">result</span>
+  <span class="ruby-identifier">result</span>.<span class="ruby-identifier">sort_by</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">p</span><span class="ruby-operator">|</span> <span class="ruby-identifier">p</span>.<span class="ruby-identifier">name</span> }
 <span class="ruby-keyword">end</span></pre>
             </div><!-- plugins_from_aggressive_detection-source -->
             
@@ -238,6 +240,58 @@
         </div><!-- plugins_from_aggressive_detection-method -->
 
       
+        <div id="plugins_from_passive_detection-method" class="method-detail ">
+          <a name="method-i-plugins_from_passive_detection"></a>
+
+          
+          <div class="method-heading">
+            <span class="method-name">plugins_from_passive_detection</span><span
+              class="method-args">(wp_content_dir)</span>
+            <span class="method-click-advice">click to toggle source</span>
+          </div>
+          
+
+          <div class="method-description">
+            
+            <p><a
+href="http://code.google.com/p/wpscan/issues/detail?id=42">code.google.com/p/wpscan/issues/detail?id=42</a>
+plugins can be found in the source code :</p>
+
+<pre>&lt;script src='http://example.com/wp-content/plugins/s2member/...' /&gt;
+&lt;link rel='stylesheet' href='http://example.com/wp-content/plugins/wp-minify/..' type='text/css' media='screen'/&gt;
+...</pre>
+
+<p>return array of <a href="WpPlugin.html">WpPlugin</a></p>
+            
+
+            
+            <div class="method-source-code" id="plugins_from_passive_detection-source">
+<pre>
+<span class="ruby-comment"># File lib/wpscan/modules/wp_plugins.rb, line 40</span>
+<span class="ruby-keyword">def</span> <span class="ruby-identifier">plugins_from_passive_detection</span>(<span class="ruby-identifier">wp_content_dir</span>)
+  <span class="ruby-identifier">plugins</span> = []
+  <span class="ruby-identifier">temp</span> = <span class="ruby-constant">WpDetector</span>.<span class="ruby-identifier">passive_detection</span>(<span class="ruby-identifier">url</span>(), <span class="ruby-string">&quot;plugins&quot;</span>, <span class="ruby-identifier">wp_content_dir</span>)
+
+  <span class="ruby-identifier">temp</span>.<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">item</span><span class="ruby-operator">|</span>
+    <span class="ruby-identifier">plugins</span> <span class="ruby-operator">&lt;&lt;</span> <span class="ruby-constant">WpPlugin</span>.<span class="ruby-identifier">new</span>(
+        <span class="ruby-value">:url</span>            =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>[<span class="ruby-value">:url</span>],
+        <span class="ruby-value">:name</span>           =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>[<span class="ruby-value">:name</span>],
+        <span class="ruby-value">:path</span>           =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">item</span>[<span class="ruby-value">:path</span>],
+        <span class="ruby-value">:wp_content_dir</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">wp_content_dir</span>
+    )
+  <span class="ruby-keyword">end</span>
+  <span class="ruby-identifier">plugins</span>.<span class="ruby-identifier">sort_by</span> { <span class="ruby-operator">|</span><span class="ruby-identifier">p</span><span class="ruby-operator">|</span> <span class="ruby-identifier">p</span>.<span class="ruby-identifier">name</span> }
+<span class="ruby-keyword">end</span></pre>
+            </div><!-- plugins_from_passive_detection-source -->
+            
+          </div>
+
+          
+
+          
+        </div><!-- plugins_from_passive_detection-method -->
+
+      
       </div><!-- public-instance-method-details -->
     
     </div><!-- 5Buntitled-5D -->
diff --git a/doc/WpTarget.html b/doc/WpTarget.html
index 68f4541a..a9013d20 100644
--- a/doc/WpTarget.html
+++ b/doc/WpTarget.html
@@ -373,7 +373,7 @@
 <pre>
 <span class="ruby-comment"># File lib/wpscan/wp_target.rb, line 76</span>
 <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">valid_response_codes</span>
-  [<span class="ruby-value">200</span>, <span class="ruby-value">403</span>, <span class="ruby-value">301</span>, <span class="ruby-value">302</span>]
+  [<span class="ruby-value">200</span>, <span class="ruby-value">403</span>, <span class="ruby-value">301</span>, <span class="ruby-value">302</span>, <span class="ruby-value">500</span>]
 <span class="ruby-keyword">end</span></pre>
             </div><!-- valid_response_codes-source -->
             
diff --git a/doc/WpTheme.html b/doc/WpTheme.html
index 67061b5e..af6b5375 100644
--- a/doc/WpTheme.html
+++ b/doc/WpTheme.html
@@ -82,6 +82,18 @@
       
 
       
+      <!-- Included Modules -->
+      <div id="includes-section" class="section">
+        <h3 class="section-header">Included Modules</h3>
+        <ul class="link-list">
+        
+        
+          <li><a class="include" href="WpItem.html">WpItem</a></li>
+        
+        
+        </ul>
+      </div>
+      
     </div>
 
     <div id="project-metadata">
@@ -286,7 +298,7 @@
             
             <div class="method-source-code" id="find-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 43</span>
+<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 54</span>
 <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find</span>(<span class="ruby-identifier">target_uri</span>)
   <span class="ruby-keyword">self</span>.<span class="ruby-identifier">methods</span>.<span class="ruby-identifier">grep</span>(<span class="ruby-regexp">/find_from_/</span>).<span class="ruby-identifier">each</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">method_to_call</span><span class="ruby-operator">|</span>
     <span class="ruby-identifier">theme</span> = <span class="ruby-keyword">self</span>.<span class="ruby-identifier">send</span>(<span class="ruby-identifier">method_to_call</span>, <span class="ruby-identifier">target_uri</span>)
@@ -311,7 +323,7 @@
           
           <div class="method-heading">
             <span class="method-name">new</span><span
-              class="method-args">(name, options = {})</span>
+              class="method-args">(options = {})</span>
             <span class="method-click-advice">click to toggle source</span>
           </div>
           
@@ -324,13 +336,23 @@
             
             <div class="method-source-code" id="new-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 25</span>
-<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">name</span>, <span class="ruby-identifier">options</span> = {})
-  <span class="ruby-ivar">@name</span>        = <span class="ruby-identifier">name</span>
-  <span class="ruby-ivar">@vulns_xml</span>   = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xml</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">'/wp_theme_vulns.xml'</span>
-  <span class="ruby-ivar">@vulns_xpath</span> = <span class="ruby-node">&quot;//theme[@name='#{@name}']/vulnerability&quot;</span>
-  <span class="ruby-ivar">@style_url</span>   = <span class="ruby-identifier">options</span>[<span class="ruby-value">:style_url</span>]
-  <span class="ruby-ivar">@version</span>     = <span class="ruby-identifier">options</span>[<span class="ruby-value">:version</span>]
+<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 26</span>
+<span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>(<span class="ruby-identifier">options</span> = {})
+  <span class="ruby-ivar">@url</span>            = <span class="ruby-identifier">options</span>[<span class="ruby-value">:url</span>]
+  <span class="ruby-ivar">@name</span>           = <span class="ruby-identifier">options</span>[<span class="ruby-value">:name</span>] <span class="ruby-operator">||</span> <span class="ruby-identifier">extract_name_from_url</span>(<span class="ruby-identifier">get_url</span>)
+  <span class="ruby-ivar">@path</span>           = <span class="ruby-identifier">options</span>[<span class="ruby-value">:path</span>]
+  <span class="ruby-ivar">@wp_content_dir</span> = <span class="ruby-identifier">options</span>[<span class="ruby-value">:wp_content_dir</span>]
+  <span class="ruby-ivar">@vulns_xml</span>      = <span class="ruby-identifier">options</span>[<span class="ruby-value">:vulns_xml</span>] <span class="ruby-operator">||</span> <span class="ruby-constant">DATA_DIR</span> <span class="ruby-operator">+</span> <span class="ruby-string">'/wp_theme_vulns.xml'</span>
+  <span class="ruby-ivar">@vulns_xpath</span>    = <span class="ruby-node">&quot;//theme[@name='#{@name}']/vulnerability&quot;</span>
+
+  <span class="ruby-ivar">@version</span>        = <span class="ruby-identifier">options</span>[<span class="ruby-value">:version</span>]
+  <span class="ruby-ivar">@style_url</span>      = <span class="ruby-identifier">options</span>[<span class="ruby-value">:style_url</span>]
+
+  <span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;url not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@url</span>
+  <span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;path not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@path</span>
+  <span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;wp_content_dir not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@wp_content_dir</span>
+  <span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;name not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@name</span>
+  <span class="ruby-identifier">raise</span>(<span class="ruby-string">&quot;vulns_xml not set&quot;</span>) <span class="ruby-keyword">unless</span> <span class="ruby-ivar">@vulns_xml</span>
 <span class="ruby-keyword">end</span></pre>
             </div><!-- new-source -->
             
@@ -367,15 +389,20 @@
             
             <div class="method-source-code" id="find_from_css_link-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 64</span>
+<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 75</span>
 <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_css_link</span>(<span class="ruby-identifier">target_uri</span>)
   <span class="ruby-identifier">response</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">to_s</span>, <span class="ruby-value">:follow_location</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-keyword">true</span>, <span class="ruby-value">:max_redirects</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-value">2</span>)
 
-  <span class="ruby-keyword">if</span> <span class="ruby-identifier">matches</span> = <span class="ruby-regexp">%{https?://[^&quot;]+/themes/([^&quot;]+)/style.css}</span>.<span class="ruby-identifier">match</span>(<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>)
+  <span class="ruby-keyword">if</span> <span class="ruby-identifier">matches</span> = <span class="ruby-regexp">%{https?://[^&quot;']+/themes/([^&quot;']+)/style.css}</span>.<span class="ruby-identifier">match</span>(<span class="ruby-identifier">response</span>.<span class="ruby-identifier">body</span>)
     <span class="ruby-identifier">style_url</span> = <span class="ruby-identifier">matches</span>[<span class="ruby-value">0</span>]
     <span class="ruby-identifier">theme_name</span> = <span class="ruby-identifier">matches</span>[<span class="ruby-value">1</span>]
 
-    <span class="ruby-keyword">return</span> <span class="ruby-identifier">new</span>(<span class="ruby-identifier">theme_name</span>, <span class="ruby-value">:style_url</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">style_url</span>)
+    <span class="ruby-keyword">return</span> <span class="ruby-identifier">new</span>(<span class="ruby-value">:name</span>            =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">theme_name</span>,
+               <span class="ruby-value">:style_url</span>       =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">style_url</span>,
+               <span class="ruby-value">:url</span>             =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">style_url</span>,
+               <span class="ruby-value">:path</span>            =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;&quot;</span>,
+               <span class="ruby-value">:wp_content_dir</span>  =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;&quot;</span>
+    )
   <span class="ruby-keyword">end</span>
 <span class="ruby-keyword">end</span></pre>
             </div><!-- find_from_css_link-source -->
@@ -408,7 +435,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=141">code.google.com/p/wp
             
             <div class="method-source-code" id="find_from_wooframework-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 76</span>
+<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 92</span>
 <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">find_from_wooframework</span>(<span class="ruby-identifier">target_uri</span>)
   <span class="ruby-identifier">body</span> = <span class="ruby-constant">Browser</span>.<span class="ruby-identifier">instance</span>.<span class="ruby-identifier">get</span>(<span class="ruby-identifier">target_uri</span>.<span class="ruby-identifier">to_s</span>).<span class="ruby-identifier">body</span>
   <span class="ruby-identifier">regexp</span> = <span class="ruby-regexp">%{&lt;meta name=&quot;generator&quot; content=&quot;([^\s&quot;]+)\s?([^&quot;]+)?&quot; /&gt;\s+&lt;meta name=&quot;generator&quot; content=&quot;WooFramework\s?([^&quot;]+)?&quot; /&gt;}</span>
@@ -418,7 +445,12 @@ href="http://code.google.com/p/wpscan/issues/detail?id=141">code.google.com/p/wp
     <span class="ruby-identifier">woo_theme_version</span>     = <span class="ruby-identifier">matches</span>[<span class="ruby-value">2</span>]
     <span class="ruby-identifier">woo_framework_version</span> = <span class="ruby-identifier">matches</span>[<span class="ruby-value">3</span>] <span class="ruby-comment"># Not used at this time</span>
 
-    <span class="ruby-keyword">return</span> <span class="ruby-identifier">new</span>(<span class="ruby-identifier">woo_theme_name</span>, <span class="ruby-value">:version</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">woo_theme_version</span>)
+    <span class="ruby-keyword">return</span> <span class="ruby-identifier">new</span>(<span class="ruby-value">:name</span>            =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">woo_theme_name</span>,
+               <span class="ruby-value">:version</span>         =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">woo_theme_version</span>,
+               <span class="ruby-value">:url</span>             =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">matches</span>[<span class="ruby-value">0</span>],
+               <span class="ruby-value">:path</span>            =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;&quot;</span>,
+               <span class="ruby-value">:wp_content_dir</span>  =<span class="ruby-operator">&gt;</span> <span class="ruby-string">&quot;&quot;</span>
+    )
   <span class="ruby-keyword">end</span>
 <span class="ruby-keyword">end</span></pre>
             </div><!-- find_from_wooframework-source -->
@@ -456,7 +488,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=141">code.google.com/p/wp
             
             <div class="method-source-code" id="3D-3D-3D-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 57</span>
+<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 68</span>
 <span class="ruby-keyword">def</span> <span class="ruby-operator">===</span>(<span class="ruby-identifier">wp_theme</span>)
   <span class="ruby-identifier">wp_theme</span>.<span class="ruby-identifier">name</span> <span class="ruby-operator">===</span> <span class="ruby-ivar">@name</span> <span class="ruby-keyword">and</span> <span class="ruby-identifier">wp_theme</span>.<span class="ruby-identifier">version</span> <span class="ruby-operator">===</span> <span class="ruby-ivar">@version</span>
 <span class="ruby-keyword">end</span></pre>
@@ -489,7 +521,7 @@ href="http://code.google.com/p/wpscan/issues/detail?id=141">code.google.com/p/wp
             
             <div class="method-source-code" id="to_s-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 52</span>
+<span class="ruby-comment"># File lib/wpscan/wp_theme.rb, line 63</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">to_s</span>
   <span class="ruby-identifier">version</span> = <span class="ruby-identifier">version</span>()
   <span class="ruby-node">&quot;#{@name}#{' v' + version if version}&quot;</span>
diff --git a/doc/WpscanOptions.html b/doc/WpscanOptions.html
index f0ac6a8c..dc0b6921 100644
--- a/doc/WpscanOptions.html
+++ b/doc/WpscanOptions.html
@@ -272,7 +272,7 @@ href="WpscanOptions.html">WpscanOptions</a></p>
             
             <div class="method-source-code" id="load_from_arguments-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 134</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 129</span>
 <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">load_from_arguments</span>
   <span class="ruby-identifier">wpscan_options</span> = <span class="ruby-constant">WpscanOptions</span>.<span class="ruby-identifier">new</span>
 
@@ -315,12 +315,7 @@ href="WpscanOptions.html">WpscanOptions</a></p>
 <pre>
 <span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 47</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">initialize</span>
-  <span class="ruby-ivar">@enumerate_plugins</span> = <span class="ruby-keyword">false</span>
-  <span class="ruby-ivar">@enumerate_themes</span> = <span class="ruby-keyword">false</span>
-  <span class="ruby-ivar">@enumerate_only_vulnerable_plugins</span> = <span class="ruby-keyword">false</span>
-  <span class="ruby-ivar">@enumerate_only_vulnerable_themes</span> = <span class="ruby-keyword">false</span>
-  <span class="ruby-ivar">@enumerate_timthumbs</span> = <span class="ruby-keyword">false</span>
-  <span class="ruby-ivar">@enumerate_usernames</span> = <span class="ruby-keyword">false</span>
+
 <span class="ruby-keyword">end</span></pre>
             </div><!-- new-source -->
             
@@ -360,7 +355,7 @@ any remaining ‘-’ by ‘_’</p>
             
             <div class="method-source-code" id="clean_option-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 221</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 216</span>
 <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">clean_option</span>(<span class="ruby-identifier">option</span>)
   <span class="ruby-identifier">cleaned_option</span> = <span class="ruby-identifier">option</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp">/^--?/</span>, <span class="ruby-string">''</span>)
   <span class="ruby-identifier">cleaned_option</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-regexp">/-/</span>, <span class="ruby-string">'_'</span>)
@@ -395,7 +390,7 @@ any remaining ‘-’ by ‘_’</p>
             
             <div class="method-source-code" id="get_opt_long-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 193</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 188</span>
 <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">get_opt_long</span>
   <span class="ruby-constant">GetoptLong</span>.<span class="ruby-identifier">new</span>(
     [<span class="ruby-string">&quot;--url&quot;</span>, <span class="ruby-string">&quot;-u&quot;</span>, <span class="ruby-constant">GetoptLong</span><span class="ruby-operator">::</span><span class="ruby-constant">REQUIRED_ARGUMENT</span>],
@@ -443,7 +438,7 @@ any remaining ‘-’ by ‘_’</p>
             
             <div class="method-source-code" id="is_long_option-3F-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 212</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 207</span>
 <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">is_long_option?</span>(<span class="ruby-identifier">option</span>)
   <span class="ruby-constant">ACCESSOR_OPTIONS</span>.<span class="ruby-identifier">include?</span>(<span class="ruby-value">:&quot;#{WpscanOptions.clean_option(option)}&quot;</span>)
 <span class="ruby-keyword">end</span></pre>
@@ -476,7 +471,7 @@ any remaining ‘-’ by ‘_’</p>
             
             <div class="method-source-code" id="option_to_instance_variable_setter-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 226</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 221</span>
 <span class="ruby-keyword">def</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">option_to_instance_variable_setter</span>(<span class="ruby-identifier">option</span>)
   <span class="ruby-identifier">cleaned_option</span> = <span class="ruby-constant">WpscanOptions</span>.<span class="ruby-identifier">clean_option</span>(<span class="ruby-identifier">option</span>)
   <span class="ruby-identifier">option_syms</span>    = <span class="ruby-constant">ACCESSOR_OPTIONS</span>.<span class="ruby-identifier">grep</span>(<span class="ruby-node">%{^#{cleaned_option}}</span>)
@@ -518,7 +513,7 @@ any remaining ‘-’ by ‘_’</p>
             
             <div class="method-source-code" id="enumerate_only_vulnerable_plugins-3D-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 90</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 85</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_only_vulnerable_plugins=</span>(<span class="ruby-identifier">enumerate_only_vulnerable_plugins</span>)
   <span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_only_vulnerable_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> <span class="ruby-ivar">@enumerate_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>
     <span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;You can't enumerate plugins and only vulnerable plugins at the same time, please choose only one&quot;</span>
@@ -555,7 +550,7 @@ any remaining ‘-’ by ‘_’</p>
             
             <div class="method-source-code" id="enumerate_only_vulnerable_themes-3D-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 106</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 101</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_only_vulnerable_themes=</span>(<span class="ruby-identifier">enumerate_only_vulnerable_themes</span>)
   <span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_only_vulnerable_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> <span class="ruby-ivar">@enumerate_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>
     <span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;You can't enumerate themes and only vulnerable themes at the same time, please choose only one&quot;</span>
@@ -596,7 +591,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
             
             <div class="method-source-code" id="enumerate_options_from_string-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 169</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 164</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_options_from_string</span>(<span class="ruby-identifier">value</span>)
   <span class="ruby-comment"># Usage of self is mandatory because there are overridden setters</span>
   <span class="ruby-keyword">self</span>.<span class="ruby-identifier">enumerate_only_vulnerable_plugins</span> = <span class="ruby-keyword">true</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">value</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/p!/</span>
@@ -647,7 +642,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
             
             <div class="method-source-code" id="enumerate_plugins-3D-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 82</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 77</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_plugins=</span>(<span class="ruby-identifier">enumerate_plugins</span>)
   <span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> <span class="ruby-ivar">@enumerate_only_vulnerable_plugins</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>
     <span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;You can't enumerate plugins and only vulnerable plugins at the same time, please choose only one&quot;</span>
@@ -684,7 +679,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
             
             <div class="method-source-code" id="enumerate_themes-3D-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 98</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 93</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">enumerate_themes=</span>(<span class="ruby-identifier">enumerate_themes</span>)
   <span class="ruby-keyword">if</span> <span class="ruby-identifier">enumerate_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span> <span class="ruby-keyword">and</span> <span class="ruby-ivar">@enumerate_only_vulnerable_themes</span> <span class="ruby-operator">===</span> <span class="ruby-keyword">true</span>
     <span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;You can't enumerate themes and only vulnerable themes at the same time, please choose only one&quot;</span>
@@ -721,7 +716,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
             
             <div class="method-source-code" id="has_options-3F-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 114</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 109</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">has_options?</span>
   <span class="ruby-operator">!</span><span class="ruby-identifier">to_h</span>.<span class="ruby-identifier">empty?</span>
 <span class="ruby-keyword">end</span></pre>
@@ -754,7 +749,7 @@ href="http://1-10">u</a> will enumerate usernames from 1 to 10</p>
             
             <div class="method-source-code" id="proxy-3D-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 74</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 69</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">proxy=</span>(<span class="ruby-identifier">proxy</span>)
   <span class="ruby-keyword">if</span> <span class="ruby-identifier">proxy</span>.<span class="ruby-identifier">index</span>(<span class="ruby-string">':'</span>) <span class="ruby-operator">==</span> <span class="ruby-keyword">nil</span>
     <span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Invalid proxy format. Should be host:port.&quot;</span>
@@ -792,7 +787,7 @@ value</p>
             
             <div class="method-source-code" id="set_option_from_cli-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 148</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 143</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">set_option_from_cli</span>(<span class="ruby-identifier">cli_option</span>, <span class="ruby-identifier">cli_value</span>)
 
   <span class="ruby-keyword">if</span> <span class="ruby-constant">WpscanOptions</span>.<span class="ruby-identifier">is_long_option?</span>(<span class="ruby-identifier">cli_option</span>)
@@ -838,7 +833,7 @@ value</p>
             
             <div class="method-source-code" id="threads-3D-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 62</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 57</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">threads=</span>(<span class="ruby-identifier">threads</span>)
   <span class="ruby-ivar">@threads</span> = <span class="ruby-identifier">threads</span>.<span class="ruby-identifier">is_a?</span>(<span class="ruby-constant">Integer</span>) <span class="ruby-operator">?</span> <span class="ruby-identifier">threads</span> <span class="ruby-operator">:</span> <span class="ruby-identifier">threads</span>.<span class="ruby-identifier">to_i</span>
 <span class="ruby-keyword">end</span></pre>
@@ -871,7 +866,7 @@ value</p>
             
             <div class="method-source-code" id="to_h-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 119</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 114</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">to_h</span>
   <span class="ruby-identifier">options</span> = {}
 
@@ -913,7 +908,7 @@ value</p>
             
             <div class="method-source-code" id="url-3D-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 56</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 51</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">url=</span>(<span class="ruby-identifier">url</span>)
   <span class="ruby-identifier">raise</span> <span class="ruby-string">&quot;Empty URL given&quot;</span> <span class="ruby-keyword">if</span> <span class="ruby-operator">!</span><span class="ruby-identifier">url</span>
 
@@ -948,7 +943,7 @@ value</p>
             
             <div class="method-source-code" id="wordlist-3D-source">
 <pre>
-<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 66</span>
+<span class="ruby-comment"># File lib/wpscan/wpscan_options.rb, line 61</span>
 <span class="ruby-keyword">def</span> <span class="ruby-identifier">wordlist=</span>(<span class="ruby-identifier">wordlist</span>)
   <span class="ruby-keyword">if</span> <span class="ruby-constant">File</span>.<span class="ruby-identifier">exists?</span>(<span class="ruby-identifier">wordlist</span>)
     <span class="ruby-ivar">@wordlist</span> = <span class="ruby-identifier">wordlist</span>
diff --git a/doc/created.rid b/doc/created.rid
index 3834f6d0..b5ddb543 100644
--- a/doc/created.rid
+++ b/doc/created.rid
@@ -1,4 +1,4 @@
-Sat, 15 Sep 2012 23:28:11 +0200
+Sun, 16 Sep 2012 10:27:57 +0200
 ./CREDITS	Thu, 13 Sep 2012 22:54:08 +0200
 ./lib/browser.rb	Sat, 15 Sep 2012 08:03:56 +0200
 ./lib/cache_file_store.rb	Sat, 15 Sep 2012 08:04:03 +0200
@@ -14,28 +14,28 @@ Sat, 15 Sep 2012 23:28:11 +0200
 ./lib/wpscan/modules/web_site.rb	Sat, 15 Sep 2012 08:01:06 +0200
 ./lib/wpscan/modules/wp_config_backup.rb	Sat, 15 Sep 2012 08:01:11 +0200
 ./lib/wpscan/modules/wp_full_path_disclosure.rb	Sat, 15 Sep 2012 08:01:17 +0200
-./lib/wpscan/modules/wp_item.rb	Sat, 15 Sep 2012 20:10:43 +0200
-./lib/wpscan/modules/wp_login_protection.rb	Sat, 15 Sep 2012 16:18:05 +0200
-./lib/wpscan/modules/wp_plugins.rb	Sat, 15 Sep 2012 23:15:20 +0200
+./lib/wpscan/modules/wp_item.rb	Sun, 16 Sep 2012 10:26:21 +0200
+./lib/wpscan/modules/wp_login_protection.rb	Sun, 16 Sep 2012 10:26:51 +0200
+./lib/wpscan/modules/wp_plugins.rb	Sun, 16 Sep 2012 10:27:05 +0200
 ./lib/wpscan/modules/wp_readme.rb	Sat, 15 Sep 2012 08:01:52 +0200
-./lib/wpscan/modules/wp_themes.rb	Sat, 15 Sep 2012 23:14:57 +0200
+./lib/wpscan/modules/wp_themes.rb	Sun, 16 Sep 2012 10:27:17 +0200
 ./lib/wpscan/modules/wp_timthumbs.rb	Sat, 15 Sep 2012 08:01:58 +0200
 ./lib/wpscan/modules/wp_usernames.rb	Sat, 15 Sep 2012 08:02:04 +0200
 ./lib/wpscan/msfrpc_client.rb	Sat, 15 Sep 2012 08:02:28 +0200
 ./lib/wpscan/vulnerable.rb	Sat, 15 Sep 2012 08:02:37 +0200
-./lib/wpscan/wp_detector.rb	Sat, 15 Sep 2012 20:54:19 +0200
-./lib/wpscan/wp_enumerator.rb	Sat, 15 Sep 2012 23:27:28 +0200
+./lib/wpscan/wp_detector.rb	Sun, 16 Sep 2012 10:25:30 +0200
+./lib/wpscan/wp_enumerator.rb	Sun, 16 Sep 2012 10:25:41 +0200
 ./lib/wpscan/wp_options.rb	Sat, 15 Sep 2012 23:15:59 +0200
-./lib/wpscan/wp_plugin.rb	Sat, 15 Sep 2012 22:09:03 +0200
-./lib/wpscan/wp_target.rb	Sat, 15 Sep 2012 21:29:17 +0200
-./lib/wpscan/wp_theme.rb	Sat, 15 Sep 2012 08:02:58 +0200
+./lib/wpscan/wp_plugin.rb	Sun, 16 Sep 2012 10:27:39 +0200
+./lib/wpscan/wp_target.rb	Sat, 15 Sep 2012 23:32:52 +0200
+./lib/wpscan/wp_theme.rb	Sun, 16 Sep 2012 10:27:45 +0200
 ./lib/wpscan/wp_version.rb	Sat, 15 Sep 2012 08:03:04 +0200
 ./lib/wpscan/wp_vulnerability.rb	Sat, 15 Sep 2012 08:03:09 +0200
 ./lib/wpscan/wpscan_helper.rb	Sat, 15 Sep 2012 21:19:30 +0200
-./lib/wpscan/wpscan_options.rb	Sat, 15 Sep 2012 21:55:29 +0200
+./lib/wpscan/wpscan_options.rb	Sun, 16 Sep 2012 10:10:51 +0200
 ./lib/wpstools/generate_list.rb	Sat, 15 Sep 2012 08:03:43 +0200
-./lib/wpstools/parse_svn.rb	Sat, 15 Sep 2012 08:03:36 +0200
+./lib/wpstools/parse_svn.rb	Sat, 15 Sep 2012 23:36:25 +0200
 ./lib/wpstools/wpstools_helper.rb	Sat, 15 Sep 2012 08:03:49 +0200
 ./README	Thu, 13 Sep 2012 22:54:08 +0200
-./wpscan.rb	Sat, 15 Sep 2012 22:20:21 +0200
+./wpscan.rb	Sun, 16 Sep 2012 10:23:36 +0200
 ./wpstools.rb	Sat, 15 Sep 2012 08:06:35 +0200
diff --git a/doc/index.html b/doc/index.html
index 0d12a69a..3f5b6743 100644
--- a/doc/index.html
+++ b/doc/index.html
@@ -125,10 +125,10 @@
     
       <li><a href="WpEnumerator.html#method-c-enumerate">::enumerate &mdash; WpEnumerator</a></li>
     
-      <li><a href="WpVersion.html#method-c-find">::find &mdash; WpVersion</a></li>
-    
       <li><a href="WpTheme.html#method-c-find">::find &mdash; WpTheme</a></li>
     
+      <li><a href="WpVersion.html#method-c-find">::find &mdash; WpVersion</a></li>
+    
       <li><a href="WpVersion.html#method-c-find_from_advanced_fingerprinting">::find_from_advanced_fingerprinting &mdash; WpVersion</a></li>
     
       <li><a href="WpTheme.html#method-c-find_from_css_link">::find_from_css_link &mdash; WpTheme</a></li>
@@ -161,29 +161,29 @@
     
       <li><a href="Malwares.html#method-c-malwares_file">::malwares_file &mdash; Malwares</a></li>
     
-      <li><a href="CacheFileStore.html#method-c-new">::new &mdash; CacheFileStore</a></li>
-    
-      <li><a href="Exploit.html#method-c-new">::new &mdash; Exploit</a></li>
-    
-      <li><a href="WpPlugin.html#method-c-new">::new &mdash; WpPlugin</a></li>
+      <li><a href="WpscanOptions.html#method-c-new">::new &mdash; WpscanOptions</a></li>
     
       <li><a href="WpVulnerability.html#method-c-new">::new &mdash; WpVulnerability</a></li>
     
-      <li><a href="Generate_List.html#method-c-new">::new &mdash; Generate_List</a></li>
+      <li><a href="RpcClient.html#method-c-new">::new &mdash; RpcClient</a></li>
     
-      <li><a href="WpTheme.html#method-c-new">::new &mdash; WpTheme</a></li>
+      <li><a href="WpPlugin.html#method-c-new">::new &mdash; WpPlugin</a></li>
+    
+      <li><a href="CacheFileStore.html#method-c-new">::new &mdash; CacheFileStore</a></li>
     
       <li><a href="WpVersion.html#method-c-new">::new &mdash; WpVersion</a></li>
     
-      <li><a href="RpcClient.html#method-c-new">::new &mdash; RpcClient</a></li>
+      <li><a href="Generate_List.html#method-c-new">::new &mdash; Generate_List</a></li>
+    
+      <li><a href="Updater.html#method-c-new">::new &mdash; Updater</a></li>
     
       <li><a href="Svn_Parser.html#method-c-new">::new &mdash; Svn_Parser</a></li>
     
-      <li><a href="WpscanOptions.html#method-c-new">::new &mdash; WpscanOptions</a></li>
-    
       <li><a href="WpTarget.html#method-c-new">::new &mdash; WpTarget</a></li>
     
-      <li><a href="Updater.html#method-c-new">::new &mdash; Updater</a></li>
+      <li><a href="Exploit.html#method-c-new">::new &mdash; Exploit</a></li>
+    
+      <li><a href="WpTheme.html#method-c-new">::new &mdash; WpTheme</a></li>
     
       <li><a href="WpscanOptions.html#method-c-option_to_instance_variable_setter">::option_to_instance_variable_setter &mdash; WpscanOptions</a></li>
     
@@ -277,6 +277,8 @@
     
       <li><a href="WpItem.html#method-i-get_url">#get_url &mdash; WpItem</a></li>
     
+      <li><a href="WpItem.html#method-i-get_url_without_filename">#get_url_without_filename &mdash; WpItem</a></li>
+    
       <li><a href="Array.html#method-i-grep">#grep &mdash; Array</a></li>
     
       <li><a href="WpLoginProtection.html#method-i-has_better_wp_security_protection-3F">#has_better_wp_security_protection? &mdash; WpLoginProtection</a></li>
@@ -311,10 +313,10 @@
     
       <li><a href="Updater.html#method-i-is_installed-3F">#is_installed? &mdash; Updater</a></li>
     
-      <li><a href="SvnUpdater.html#method-i-is_installed-3F">#is_installed? &mdash; SvnUpdater</a></li>
-    
       <li><a href="GitUpdater.html#method-i-is_installed-3F">#is_installed? &mdash; GitUpdater</a></li>
     
+      <li><a href="SvnUpdater.html#method-i-is_installed-3F">#is_installed? &mdash; SvnUpdater</a></li>
+    
       <li><a href="WebSite.html#method-i-is_online-3F">#is_online? &mdash; WebSite</a></li>
     
       <li><a href="WebSite.html#method-i-is_wordpress-3F">#is_wordpress? &mdash; WebSite</a></li>
@@ -333,11 +335,11 @@
     
       <li><a href="Browser.html#method-i-load_config">#load_config &mdash; Browser</a></li>
     
-      <li><a href="Updater.html#method-i-local_revision_number">#local_revision_number &mdash; Updater</a></li>
+      <li><a href="SvnUpdater.html#method-i-local_revision_number">#local_revision_number &mdash; SvnUpdater</a></li>
     
       <li><a href="GitUpdater.html#method-i-local_revision_number">#local_revision_number &mdash; GitUpdater</a></li>
     
-      <li><a href="SvnUpdater.html#method-i-local_revision_number">#local_revision_number &mdash; SvnUpdater</a></li>
+      <li><a href="Updater.html#method-i-local_revision_number">#local_revision_number &mdash; Updater</a></li>
     
       <li><a href="WpItem.html#method-i-location_uri_from_file_url">#location_uri_from_file_url &mdash; WpItem</a></li>
     
@@ -359,14 +361,16 @@
     
       <li><a href="Exploit.html#method-i-meterpreter_read">#meterpreter_read &mdash; Exploit</a></li>
     
-      <li><a href="RpcClient.html#method-i-meterpreter_write">#meterpreter_write &mdash; RpcClient</a></li>
-    
       <li><a href="Exploit.html#method-i-meterpreter_write">#meterpreter_write &mdash; Exploit</a></li>
     
+      <li><a href="RpcClient.html#method-i-meterpreter_write">#meterpreter_write &mdash; RpcClient</a></li>
+    
       <li><a href="Svn_Parser.html#method-i-parse">#parse &mdash; Svn_Parser</a></li>
     
       <li><a href="WpPlugins.html#method-i-plugins_from_aggressive_detection">#plugins_from_aggressive_detection &mdash; WpPlugins</a></li>
     
+      <li><a href="WpPlugins.html#method-i-plugins_from_passive_detection">#plugins_from_passive_detection &mdash; WpPlugins</a></li>
+    
       <li><a href="Browser.html#method-i-post">#post &mdash; Browser</a></li>
     
       <li><a href="WpscanOptions.html#method-i-proxy-3D">#proxy= &mdash; WpscanOptions</a></li>
@@ -393,10 +397,10 @@
     
       <li><a href="Exploit.html#method-i-session_count">#session_count &mdash; Exploit</a></li>
     
-      <li><a href="RpcClient.html#method-i-sessions">#sessions &mdash; RpcClient</a></li>
-    
       <li><a href="Exploit.html#method-i-sessions">#sessions &mdash; Exploit</a></li>
     
+      <li><a href="RpcClient.html#method-i-sessions">#sessions &mdash; RpcClient</a></li>
+    
       <li><a href="WpscanOptions.html#method-i-set_option_from_cli">#set_option_from_cli &mdash; WpscanOptions</a></li>
     
       <li><a href="WpLoginProtection.html#method-i-simple_login_lockdown_url">#simple_login_lockdown_url &mdash; WpLoginProtection</a></li>
@@ -409,6 +413,8 @@
     
       <li><a href="WpThemes.html#method-i-themes_from_aggressive_detection">#themes_from_aggressive_detection &mdash; WpThemes</a></li>
     
+      <li><a href="WpThemes.html#method-i-themes_from_passive_detection">#themes_from_passive_detection &mdash; WpThemes</a></li>
+    
       <li><a href="WpscanOptions.html#method-i-threads-3D">#threads= &mdash; WpscanOptions</a></li>
     
       <li><a href="WpTimthumbs.html#method-i-timthumbs">#timthumbs &mdash; WpTimthumbs</a></li>
@@ -439,10 +445,10 @@
     
       <li><a href="WpUsernames.html#method-i-usernames">#usernames &mdash; WpUsernames</a></li>
     
-      <li><a href="WpItem.html#method-i-version">#version &mdash; WpItem</a></li>
-    
       <li><a href="WpTarget.html#method-i-version">#version &mdash; WpTarget</a></li>
     
+      <li><a href="WpItem.html#method-i-version">#version &mdash; WpItem</a></li>
+    
       <li><a href="Vulnerable.html#method-i-vulnerabilities">#vulnerabilities &mdash; Vulnerable</a></li>
     
       <li><a href="WpscanOptions.html#method-i-wordlist-3D">#wordlist= &mdash; WpscanOptions</a></li>
diff --git a/doc/lib/wpscan/modules/wp_item_rb.html b/doc/lib/wpscan/modules/wp_item_rb.html
index 0690e1ae..2a56eb3a 100644
--- a/doc/lib/wpscan/modules/wp_item_rb.html
+++ b/doc/lib/wpscan/modules/wp_item_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 20:10:43 +0200</dd>
+      <dd class="modified-date">2012-09-16 10:26:21 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/doc/lib/wpscan/modules/wp_login_protection_rb.html b/doc/lib/wpscan/modules/wp_login_protection_rb.html
index 5570d2f4..7fb2830f 100644
--- a/doc/lib/wpscan/modules/wp_login_protection_rb.html
+++ b/doc/lib/wpscan/modules/wp_login_protection_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 16:18:05 +0200</dd>
+      <dd class="modified-date">2012-09-16 10:26:51 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/doc/lib/wpscan/modules/wp_plugins_rb.html b/doc/lib/wpscan/modules/wp_plugins_rb.html
index 5c750396..e23e3f94 100644
--- a/doc/lib/wpscan/modules/wp_plugins_rb.html
+++ b/doc/lib/wpscan/modules/wp_plugins_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 23:15:20 +0200</dd>
+      <dd class="modified-date">2012-09-16 10:27:05 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/doc/lib/wpscan/wp_detector_rb.html b/doc/lib/wpscan/wp_detector_rb.html
index 45eec883..f097cbb4 100644
--- a/doc/lib/wpscan/wp_detector_rb.html
+++ b/doc/lib/wpscan/wp_detector_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 20:54:19 +0200</dd>
+      <dd class="modified-date">2012-09-16 10:25:30 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/doc/lib/wpscan/wp_enumerator_rb.html b/doc/lib/wpscan/wp_enumerator_rb.html
index dee3c4cb..667412ec 100644
--- a/doc/lib/wpscan/wp_enumerator_rb.html
+++ b/doc/lib/wpscan/wp_enumerator_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 23:27:28 +0200</dd>
+      <dd class="modified-date">2012-09-16 10:25:41 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/doc/lib/wpscan/wp_plugin_rb.html b/doc/lib/wpscan/wp_plugin_rb.html
index 80f1fac6..d0de8016 100644
--- a/doc/lib/wpscan/wp_plugin_rb.html
+++ b/doc/lib/wpscan/wp_plugin_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 22:09:03 +0200</dd>
+      <dd class="modified-date">2012-09-16 10:27:39 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/doc/lib/wpscan/wp_target_rb.html b/doc/lib/wpscan/wp_target_rb.html
index 20f1b180..9c10cb8d 100644
--- a/doc/lib/wpscan/wp_target_rb.html
+++ b/doc/lib/wpscan/wp_target_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 21:29:17 +0200</dd>
+      <dd class="modified-date">2012-09-15 23:32:52 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/doc/lib/wpscan/wp_theme_rb.html b/doc/lib/wpscan/wp_theme_rb.html
index 0409848d..f8a04404 100644
--- a/doc/lib/wpscan/wp_theme_rb.html
+++ b/doc/lib/wpscan/wp_theme_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 08:02:58 +0200</dd>
+      <dd class="modified-date">2012-09-16 10:27:45 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/doc/lib/wpscan/wpscan_options_rb.html b/doc/lib/wpscan/wpscan_options_rb.html
index ceb7060a..a26386c6 100644
--- a/doc/lib/wpscan/wpscan_options_rb.html
+++ b/doc/lib/wpscan/wpscan_options_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 21:55:29 +0200</dd>
+      <dd class="modified-date">2012-09-16 10:10:51 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/doc/lib/wpstools/parse_svn_rb.html b/doc/lib/wpstools/parse_svn_rb.html
index f1ea32f8..31aa2713 100644
--- a/doc/lib/wpstools/parse_svn_rb.html
+++ b/doc/lib/wpstools/parse_svn_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 08:03:36 +0200</dd>
+      <dd class="modified-date">2012-09-15 23:36:25 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/doc/wpscan_rb.html b/doc/wpscan_rb.html
index e3643ef6..0e961134 100644
--- a/doc/wpscan_rb.html
+++ b/doc/wpscan_rb.html
@@ -24,7 +24,7 @@
   <div id="metadata">
     <dl>
       <dt class="modified-date">Last Modified</dt>
-      <dd class="modified-date">2012-09-15 22:20:21 +0200</dd>
+      <dd class="modified-date">2012-09-16 10:23:36 +0200</dd>
 
       
       <dt class="requires">Requires</dt>
diff --git a/lib/wpscan/modules/wp_item.rb b/lib/wpscan/modules/wp_item.rb
index 9febcc44..719758f7 100644
--- a/lib/wpscan/modules/wp_item.rb
+++ b/lib/wpscan/modules/wp_item.rb
@@ -17,11 +17,11 @@
 #++
 
 module WpItem
-  attr_accessor :path, :base_url, :wp_content_dir
+  attr_accessor :path, :url, :wp_content_dir
   @version = nil
 
   def get_url
-    URI.parse("#{@base_url.to_s}#@wp_content_dir/#@path")
+    URI.parse("#{@url.to_s}#@wp_content_dir/#@path")
   end
 
   def get_url_without_filename
diff --git a/lib/wpscan/modules/wp_login_protection.rb b/lib/wpscan/modules/wp_login_protection.rb
index 7ef10739..595976f6 100644
--- a/lib/wpscan/modules/wp_login_protection.rb
+++ b/lib/wpscan/modules/wp_login_protection.rb
@@ -38,7 +38,7 @@ module WpLoginProtection
 
           return @login_protection_plugin = WpPlugin.new(
               :name => plugin_name,
-              :base_url => @uri.to_s
+              :url => @uri.to_s
           )
         end
       end
diff --git a/lib/wpscan/modules/wp_plugins.rb b/lib/wpscan/modules/wp_plugins.rb
index f2c851c4..a16d4fc2 100644
--- a/lib/wpscan/modules/wp_plugins.rb
+++ b/lib/wpscan/modules/wp_plugins.rb
@@ -43,7 +43,7 @@ module WpPlugins
 
     temp.each do |item|
       plugins << WpPlugin.new(
-          :base_url       => item[:base_url],
+          :url            => item[:url],
           :name           => item[:name],
           :path           => item[:path],
           :wp_content_dir => wp_content_dir
diff --git a/lib/wpscan/modules/wp_themes.rb b/lib/wpscan/modules/wp_themes.rb
index 22fe8a5c..4c2a1e3c 100644
--- a/lib/wpscan/modules/wp_themes.rb
+++ b/lib/wpscan/modules/wp_themes.rb
@@ -34,7 +34,7 @@ module WpThemes
 
     temp.each do |item|
       themes << WpPlugin.new(
-          :base_url       => item[:base_url],
+          :url            => item[:url],
           :name           => item[:name],
           :path           => item[:path],
           :wp_content_dir => wp_content_dir
diff --git a/lib/wpscan/wp_detector.rb b/lib/wpscan/wp_detector.rb
index f0e06256..96f67fbf 100644
--- a/lib/wpscan/wp_detector.rb
+++ b/lib/wpscan/wp_detector.rb
@@ -60,7 +60,7 @@ class WpDetector
     names.uniq!
 
     names.each do |item|
-      items << { :base_url =>  url, :name => item, :path => "#{type}/#{item}" }
+      items << { :url =>  url, :name => item, :path => "#{type}/#{item}" }
     end
     items
   end
diff --git a/lib/wpscan/wp_enumerator.rb b/lib/wpscan/wp_enumerator.rb
index 76012457..bb504f5e 100644
--- a/lib/wpscan/wp_enumerator.rb
+++ b/lib/wpscan/wp_enumerator.rb
@@ -24,7 +24,7 @@ class WpEnumerator
   # ==== Attributes
   #
   # * +targets+ - targets to enumerate
-  # * * +:base_url+ - Base URL
+  # * * +:url+ - Base URL
   # * * +:wp_content+ - wp-content directory
   # * * +:path+ - Path to plugin
   # * +type+ - "plugins" or "themes", item to enumerate
diff --git a/lib/wpscan/wp_plugin.rb b/lib/wpscan/wp_plugin.rb
index 28994577..ae1d58a6 100644
--- a/lib/wpscan/wp_plugin.rb
+++ b/lib/wpscan/wp_plugin.rb
@@ -24,7 +24,7 @@ class WpPlugin < Vulnerable
   attr_reader :name
 
   def initialize(options = {})
-    @base_url       = options[:url]
+    @url            = options[:url]
     @path           = options[:path]
     @wp_content_dir = options[:wp_content_dir]
     @name           = options[:name] || extract_name_from_url(get_url)
@@ -32,7 +32,7 @@ class WpPlugin < Vulnerable
     @vulns_xpath    = "//plugin[@name='#@name']/vulnerability"
     @version        = nil
 
-    raise("base_url not set") unless @base_url
+    raise("url not set") unless @url
     raise("path not set") unless @path
     raise("wp_content_dir not set") unless @wp_content_dir
     raise("name not set") unless @name
diff --git a/lib/wpscan/wp_theme.rb b/lib/wpscan/wp_theme.rb
index c28a2c3a..639a74f5 100644
--- a/lib/wpscan/wp_theme.rb
+++ b/lib/wpscan/wp_theme.rb
@@ -24,7 +24,7 @@ class WpTheme < Vulnerable
   attr_reader :name, :style_url, :version
 
   def initialize(options = {})
-    @base_url       = options[:url]
+    @url            = options[:url]
     @name           = options[:name] || extract_name_from_url(get_url)
     @path           = options[:path]
     @wp_content_dir = options[:wp_content_dir]
@@ -34,7 +34,7 @@ class WpTheme < Vulnerable
     @version        = options[:version]
     @style_url      = options[:style_url]
 
-    raise("base_url not set") unless @base_url
+    raise("url not set") unless @url
     raise("path not set") unless @path
     raise("wp_content_dir not set") unless @wp_content_dir
     raise("name not set") unless @name
diff --git a/wpscan.rb b/wpscan.rb
index f105b36f..559ec3dc 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -153,7 +153,7 @@ begin
     puts
     puts "[+] Enumerating plugins from passive detection ... "
 
-    plugins = wp_target.plugins_from_passive_detection
+    plugins = wp_target.plugins_from_passive_detection(wp_target.wp_content_dir)
     unless plugins.empty?
       puts "#{plugins.size} found :"