Fix git merge problem

2014-04-27 15:32:10 +02:00
parent e52e82fb78 59225a4b9c
commit 516ae6b68c
32 changed files with 3981 additions and 546 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -4,6 +4,7 @@ rvm:
  - 1.9.3
  - 2.0.0
  - 2.1.0
  - 2.1.1
 script: bundle exec rspec --format documentation
 notifications:
  email:
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,61 @@
 # Changelog
 ## Master
-[Work in progress](https://github.com/wpscanteam/wpscan/compare/2.3...master)
+[Work in progress](https://github.com/wpscanteam/wpscan/compare/2.4...master)
 ## Version 2.4
 Released: 2014-04-17
 New
 * '--batch' switch option added - Fix #454
 * Add random-agent
 * Added more CLI options
 * Switch over to nist - Fix #301
 * New choice added when a redirection is detected - Fix #438
 Removed
 * Removed 'Total WordPress Sites in the World' counter from stats
 * Old wpscan repo links removed - Fix #440
 * Fingerprinting Dev script removed
 * Useless code removed
 General core
 * Rspecs update
 * Forcing Travis notify the team
 * Ruby 2.1.1 added to Travis
 * Equal output layout for interaction questions
 * Only output error trace if verbose if enabled
 * Memory improvements during wp-items enumerations
 * Fixed broken link checker, fixed some broken links
 * Couple more 404s fixed
 * Themes & Plugins list updated
 WordPress Fingerprints
 * WP 3.8.2 & 3.7.2 Fingerprints added - Fix #448
 * WP 3.8.3 & 3.7.3 fingerprints
 * WP 3.9 fingerprints
 Fixed issues
 * Fix #380 - Redirects in WP 3.6-3.0
 * Fix #413 - Check the version of the Timthumbs files found
 * Fix #429 - Error WpScan Cache Browser
 * Fix #431 - Version number comparison between '2.3.3' and '0.42b'
 * Fix #439 - Detect if the target goes down during the scan
 * Fix #451 - Do not rely only on files in wp-content for fingerprinting
 * Fix #453 - Documentation or inplemention of option parameters
 * Fix #455 - Fails with a message if the target returns a 403 during the wordpress check
 Vulnerabilities
 * Update WordPress Vulnerabilities
 * Fixed some duplicate vulnerabilities
 WPScan Database Statistics:
 * Total vulnerable versions: 79; 1 is new
 * Total vulnerable plugins: 748; 55 are new
 * Total vulnerable themes: 292; 41 are new
 * Total version vulnerabilities: 617; 326 are new
 * Total plugin vulnerabilities: 1162; 146 are new
 * Total theme vulnerabilities: 330; 47 are new
 ## Version 2.3
 Released: 2014-02-11
@@ -44,7 +99,7 @@ WPScan Database Statistics:
 * Total plugin vulnerabilities: 1016; 236 are new
 * Total theme vulnerabilities: 283; 79 are new
-Add WP Fingerprints
+WordPress Fingerprints
 * Better fingerprints
 * WP 3.8.1 Fingerprinting
 * WP 3.8 Fingerprinting
--- a/1
+++ b/1
@@ -82,7 +82,6 @@ ryandewhurst at gmail
  - Typhoeus segmentation fault:
      Update cURL to version => 7.21 (may have to install from source)
      See http://code.google.com/p/wpscan/issues/detail?id=81
  - Proxy not working:
      Update cURL to version => 7.21.7 (may have to install from source).
--- a/README.md
+++ b/README.md
@@ -90,7 +90,6 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install
  - Typhoeus segmentation fault
      Update cURL to version => 7.21 (may have to install from source)
      See http://code.google.com/p/wpscan/issues/detail?id=81
  - Proxy not working
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
--- a/data/plugins.txt
+++ b/data/plugins.txt
--- a/data/plugins_full.txt
+++ b/data/plugins_full.txt
--- a/data/theme_vulns.xml
+++ b/data/theme_vulns.xml
@@ -93,6 +93,13 @@
      </references>
      <type>UPLOAD</type>
    </vulnerability>
    <vulnerability>
      <title>vithy - Custom Background Shell Upload</title>
      <references>
        <url>http://packetstormsecurity.com/files/125827/</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="appius">
@@ -110,6 +117,13 @@
      </references>
      <type>UPLOAD</type>
    </vulnerability>
    <vulnerability>
      <title>appius - Custom Background Shell Upload</title>
      <references>
        <url>http://packetstormsecurity.com/files/125827/</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="yvora">
@@ -144,6 +158,13 @@
      </references>
      <type>UPLOAD</type>
    </vulnerability>
    <vulnerability>
      <title>Shotzz - Custom Background Shell Upload</title>
      <references>
        <url>http://packetstormsecurity.com/files/125827/</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="dagda">
@@ -154,6 +175,13 @@
      </references>
      <type>UPLOAD</type>
    </vulnerability>
    <vulnerability>
      <title>dagda - Custom Background Shell Upload</title>
      <references>
        <url>http://packetstormsecurity.com/files/125827/</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="moneymasters">
@@ -534,6 +562,7 @@
        <url>http://packetstormsecurity.org/files/114750/</url>
      </references>
      <type>UNKNOWN</type>
      <fixed_in>2.0</fixed_in>
    </vulnerability>
  </theme>
@@ -584,6 +613,7 @@
        <url>http://packetstormsecurity.org/files/114750/</url>
      </references>
      <type>UNKNOWN</type>
      <fixed_in>2.0</fixed_in>
    </vulnerability>
  </theme>
@@ -594,6 +624,7 @@
        <url>http://packetstormsecurity.org/files/114750/</url>
      </references>
      <type>UNKNOWN</type>
      <fixed_in>2.0</fixed_in>
    </vulnerability>
  </theme>
@@ -614,6 +645,7 @@
        <url>http://packetstormsecurity.org/files/114750/</url>
      </references>
      <type>UNKNOWN</type>
      <fixed_in>2.0</fixed_in>
    </vulnerability>
  </theme>
@@ -624,6 +656,7 @@
        <url>http://packetstormsecurity.org/files/114750/</url>
      </references>
      <type>UNKNOWN</type>
      <fixed_in>2.0</fixed_in>
    </vulnerability>
  </theme>
@@ -634,6 +667,7 @@
        <url>http://packetstormsecurity.org/files/114750/</url>
      </references>
      <type>UNKNOWN</type>
      <fixed_in>2.0</fixed_in>
    </vulnerability>
  </theme>
@@ -1811,12 +1845,20 @@
  <theme name="archin">
    <vulnerability>
-      <title>Archin - Cross-Site Scripting and Arbitrary File Upload Vulnerabilities</title>
+      <title>Archin 3.2 - Cross-Site Scripting and Arbitrary File Upload Vulnerabilities</title>
      <references>
        <secunia>50711</secunia>
      </references>
      <type>MULTI</type>
    </vulnerability>
    <vulnerability>
      <title>Archin 3.2 - hades_framework/option_panel/ajax.php Configuration Option Manipulation</title>
      <references>
        <osvdb>86991</osvdb>
        <exploitdb>21646</exploitdb>
      </references>
      <type>RCE</type>
    </vulnerability>
  </theme>
  <theme name="purity">
@@ -1899,6 +1941,13 @@
      </references>
      <type>XSS</type>
    </vulnerability>
    <vulnerability>
      <title>felici - Custom Background Shell Upload</title>
      <references>
        <url>http://packetstormsecurity.com/files/125830/</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="classic">
@@ -1947,7 +1996,7 @@
    <vulnerability>
      <title>Xss In wordpress ambience theme</title>
      <references>
-        <url>http://packetstorm.igor.onlinedirect.bg/1306-exploits/wpambience-xss.txt</url>
+        <url>http://www.websecuritywatch.com/wordpress-ambience-xss/</url>
      </references>
      <type>XSS</type>
    </vulnerability>
@@ -2580,7 +2629,7 @@
    </vulnerability>
  </theme>
-  <theme name="Blooog-v1.1">
+  <theme name="blooog">
    <vulnerability>
      <title>Blooog 1.1 - jplayer.swf Cross Site Scripting</title>
      <references>
@@ -3023,4 +3072,459 @@
    </vulnerability>
  </theme>
  <theme name="Realestate">
    <vulnerability>
      <title>Real Estate - Templatic Theme CSRF File Upload Vulnerability</title>
      <references>
        <url>http://1337day.com/exploit/22091</url>
      </references>
      <type>CSRF</type>
    </vulnerability>
  </theme>
  <theme name="dailydeal">
    <vulnerability>
      <title>Dailydeal - Templatic Theme CSRF File Upload Vulnerability</title>
      <references>
        <url>http://1337day.com/exploit/22091</url>
      </references>
      <type>CSRF</type>
    </vulnerability>
  </theme>
  <theme name="nightlife">
    <vulnerability>
      <title>Nightlife - Templatic Theme CSRF File Upload Vulnerability</title>
      <references>
        <url>http://1337day.com/exploit/22091</url>
      </references>
      <type>CSRF</type>
    </vulnerability>
  </theme>
  <theme name="5star">
    <vulnerability>
      <title>5star - Templatic Theme CSRF File Upload Vulnerability</title>
      <references>
        <url>http://1337day.com/exploit/22091</url>
      </references>
      <type>CSRF</type>
    </vulnerability>
  </theme>
  <theme name="specialist">
    <vulnerability>
      <title>Specialist - Templatic Theme CSRF File Upload Vulnerability</title>
      <references>
        <url>http://1337day.com/exploit/22091</url>
      </references>
      <type>CSRF</type>
    </vulnerability>
  </theme>
  <theme name="flatshop">
    <vulnerability>
      <title>Flatshop - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="magazine">
    <vulnerability>
      <title>Magazine - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="parallax">
    <vulnerability>
      <title>Parallax - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="bold">
    <vulnerability>
      <title>Bold - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="metro">
    <vulnerability>
      <title>Metro - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="pinshop">
    <vulnerability>
      <title>Pinshop - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="agency">
    <vulnerability>
      <title>Agency - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="slide">
    <vulnerability>
      <title>Slide - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="postline">
    <vulnerability>
      <title>Postline - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="fullscreen">
    <vulnerability>
      <title>Fulscreen - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="shopo">
    <vulnerability>
      <title>Shopo - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="minshop">
    <vulnerability>
      <title>Minshop - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="notes">
    <vulnerability>
      <title>Notes - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="shopdock">
    <vulnerability>
      <title>Shopdock - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="phototouch">
    <vulnerability>
      <title>Phototouch - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="basic">
    <vulnerability>
      <title>Basic - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="responz">
    <vulnerability>
      <title>Responz - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="simfo">
    <vulnerability>
      <title>Simfo - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="grido">
    <vulnerability>
      <title>Grido - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="tisa">
    <vulnerability>
      <title>Tisa - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="funki">
    <vulnerability>
      <title>Funki - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="minblr">
    <vulnerability>
      <title>Minblr - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="newsy">
    <vulnerability>
      <title>Newsy - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="wumblr">
    <vulnerability>
      <title>Wumblr - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="rezo">
    <vulnerability>
      <title>Rezo - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="photobox">
    <vulnerability>
      <title>Photobox - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="edmin">
    <vulnerability>
      <title>Edmin - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="koi">
    <vulnerability>
      <title>Koi - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="bizco">
    <vulnerability>
      <title>Bizco - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="thememin">
    <vulnerability>
      <title>Thememin - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="wigi">
    <vulnerability>
      <title>Wigi - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="sidepane">
    <vulnerability>
      <title>Sidepane - themify-ajax.php File Upload Arbitrary Code Execution</title>
      <references>
        <osvdb>100271</osvdb>
        <url>http://packetstormsecurity.com/files/124097/</url>
        <url>http://1337day.com/exploit/22090</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="Sixtees">
    <vulnerability>
      <title>Sixtees - Shell Upload</title>
      <references>
        <url>http://packetstormsecurity.com/files/125491/</url>
      </references>
      <type>UPLOAD</type>
    </vulnerability>
  </theme>
  <theme name="linenity">
    <vulnerability>
      <title>LineNity 1.20 - download.php imgurl Parameter Remote Path Traversal File Access</title>
      <references>
        <osvdb>105767</osvdb>
        <exploitdb>32861</exploitdb>
      </references>
      <type>LFI</type>
    </vulnerability>
  </theme>
 </vulnerabilities>
--- a/data/themes.txt
+++ b/data/themes.txt
@@ -1,27 +1,28 @@
-academica
+aadya
-activetab
+abaris
 adamos
 adaptive-flat
 adelle
 admired
 adventure
 advertica-lite
 albinomouse
 aldehyde
 alexandria
 analytical-lite
 anarcho-notepad
-andrina-lite
+apprise
-appointment
+arcade-basic
-aquarius
+arunachala
 ascetica
 aspen
 asteria-lite
 asteroid
 atahualpa
 attitude
-autofocus
+base-wp
 beach
 bearded
-bicubic
+big-city
 birdsite
 bizantine
 bizark
 bizflare
@@ -31,270 +32,267 @@ bizsphere
 bizstudio-lite
 bizway
 blackbird
 blain
 blankslate
 blogbox
 blogly-lite
 blogolife
 blogotron
 blox
-blue-planet
+bluegray
 boldr-lite
 boot-store
 bootstrap-ultimate
 bota
 bouquet
 bresponzive
 brightnews
 bueno
 bushwick
 business-lite
 busiprof
 butterbelly
 buzz
-byblos
+capture
 carton
 catch-box
 catch-everest
 catch-evolution
 catch-kathmandu
 celestial-lite
 chaostheory
 childishly-simple
 chooko-lite
 church
 cirrus
 clean-retina
 cleo
 coller
 colorway
 contango
 coraline
 corpo
 crates
 current
 custom-community
 customizr
 cyberchimps
-d5-socialia
+dark-tt
 dazzling
 decode
 designfolio
 desk-mess-mirrored
 destro
 discover
 dms
 drop
 duena
 dusk-to-dawn
 duster
 dw-minion
 dw-timeline
 dw-wallpress
 dzonia-lite
 eclipse
-elisium
+elegantwhite
 elmax
 engrave-lite
 enough
 envision
 epic
 esell
 esplanade
 esquire
 estate
 evolve
 expert
 expound
 family
-fashionistas
+fifteen
 fastr
 figero
 fine
 firmasite
-fixy
+flat
 flounder
 focus
 forestly
 forever
-formidable-restaurant
+formation
 frau
 fresh-lite
 frisco-for-buddypress
 frontier
 fruitful
 future
 gamepress
 gold
-golden-eagle-lite
+govpress
 graphene
 graphy
 gridbulletin
 gridiculous
 gridster-lite
 hatch
 hazen
-hero
+health-center-lite
 hemingway
 highwind
 hueman
-hypnotist
+i-transform
 iconic-one
 ifeature
 imprint
 independent-publisher
 infinite
 infoway
 inkness
 inkzine
 intuition
 invert-lite
 irex-lite
 iribbon
 isis
-journalism
+itek
 justwrite
 kavya
 klasik
 leatherdiary
-leniy-radius
+lingonberry
-limelight
+linia-magazine
-lizardbusiness
+luminescence-lite
-local-business
+lupercalia
 lugada
 magazine-basic
 magazine-style
 magazino
 mantra
 market
 match
 matheson
 max-magazine
 maxflat-core
 meadowhill
 medicine
 mesocolumn
 mh-magazine-lite
-ming
+midnightcity
 minimatica
 minimize
 mn-flow
 modern-estate
 monaco
 montezuma
 multiloquent
 mywiki
 neuro
-neutro
+newgamer
-newdark
+newpro
 newlife
 newp
 newtek
 next-saturday
 nictitate
 omega
 one-page
-onecolumn
+onetone
 openstrap
 opulus-sombre
 origami
 origin
 oxygen
 p2
 padhang
 pagelines
 parabola
 parallax
 parament
 phonix
 photolistic
 piedmont
 pilcrow
 pilot-fish
 pinbin
 pinboard
 pink-touch-2
 pitch
 platform
 point
 portfolio-press
-pr-pin
+pr-news
 preference-lite
 preus
 primo-lite
-privatebusiness
+promax
 quark
 radiant
 radiate
 raindrops
 rambo
 raptor
 raven
-ready-review
+redesign
 reddle
 redify
 reizend
 response
 responsive
 restaurante
 restaurateur
 restimpo
 retention
 reviewgine-affiliate
 ridizain
 rtpanel
 rundown
 sampression-lite
 semper-fi-lite
 sensitive
 sequel
 serene
 shopping
 sigma
 silverclean-lite
 simple-catch
-simpleo
+simply-vision
-simplicity-lite
+singl
 sixteen
 skt-full-width
 sliding-door
 smpl-skeleton
 snaps
 snapshot
-sorbet
+sneak-lite
 socialize-lite
 spacious
 spartan
 spasalon
 sporty
 spun
 stairway
 stargazer
-startupwp
+start-point
 steira
-strapvert
+storefront-paper
 story
 suevafree
 suffusion
 sugar-and-spice
 suits
 sukelius-magazine
 sundance
 sunny-blue-sky
 sunrain
 sunspot
 superhero
 supernova
 surfarama
 swift-basic
 syntax
 tanzanite
 teal
 techism
 tempera
 temptation
 terrifico
-the-falcon
+the-newswire
 thematic
 themia-lite
 theron-lite
 tiga
 timeturner
 tiny-forge
 tonal
 tonic
 travel-blogger
 travel-lite
 travelify
 twentyeleven
 twentyfourteen
 twentyten
 twentythirteen
 twentytwelve
 typal-makewp005
 unite
 untitled
 uu-2014
 vantage
 venom
 viper
 virtue
-voyage
+vision
 visitpress
 visual
 vryn-restaurant
 ward
 weaver-ii
-weavr
+wilson
 wiziapp-smooth-touch
 wordplus
 wp-advocate
 wp-barrister
 wp-creativix
 wp-opulus
 wp-simple
 wpchimp-countdown
 writr
 x2
 yoko
 zalive
 zbench
 zeebizzcard
 zeebusiness
 zeedynamic
 zeeflow
 zeefocus
 zeeminty
 zeenoble
 zeestyle
 zeesynergie
 zeetasty
 zenon-lite
--- a/data/themes_full.txt
+++ b/data/themes_full.txt
--- a/data/timthumbs.txt
+++ b/data/timthumbs.txt
@@ -115,6 +115,7 @@ $wp-plugins$/islidex/js/timthumb.php
 $wp-plugins$/islidex/js/timthumb.phpthumb.php
 $wp-plugins$/islidex/js/timthumb.phptimthumb.php
 $wp-plugins$/jquery-slider-for-featured-content/scripts/timthumb.php
 $wp-plugins$/js-multihotel/includes/timthumb.php
 $wp-plugins$/kc-related-posts-by-category/timthumb.php
 $wp-plugins$/kino-gallery/timthumb.php
 $wp-plugins$/lisl-last-image-slider/timthumb.php
--- a/data/vuln.xsd
+++ b/data/vuln.xsd
@@ -40,6 +40,7 @@
      <xs:enumeration value="CSRF"/>
      <xs:enumeration value="SSRF"/>
      <xs:enumeration value="AUTHBYPASS"/>
      <xs:enumeration value="BYPASS"/>
      <xs:enumeration value="FPD"/>
      <xs:enumeration value="XXE"/>
    </xs:restriction>
--- a/data/wp_versions.xml
+++ b/data/wp_versions.xml
@@ -10,16 +10,68 @@
 <wp-versions xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:noNamespaceSchemaLocation="wp_versions.xsd">
-  <file src="wp-includes/css/buttons-rtl.css">
+  <file src="readme.html">
-    <hash md5="fb062ed92b76638c161e80f4a5426586">
+    <hash md5="84b54c54aa48ae72e633685c17e67457">
      <version>3.9</version>
    </hash>
    <hash md5="c6de8fc70a18be7e5c36198cd0f99a64">
      <version>3.8.3</version>
    </hash>
    <hash md5="e01a2663475f6a7a8363a7c75a73fe23">
      <version>3.8.2</version>
    </hash>
    <hash md5="0d0eb101038124a108f608d419387b92">
      <version>3.8.1</version>
    </hash>
    <hash md5="38ee273095b8f25b9ffd5ce5018fc4f0">
      <version>3.8</version>
    </hash>
    <hash md5="813e06052daa0692036e60d76d7141d3">
      <version>3.7.3</version>
    </hash>
    <hash md5="b3a05c7a344c2f53cb6b680fd65a91e8">
      <version>3.7.2</version>
    </hash>
    <hash md5="e82f4fe7d3c1166afb4c00856b875f16">
      <version>3.6.1</version>
    </hash>
    <hash md5="477f1e652f31dae76a38e3559c91deb9">
      <version>3.6</version>
    </hash>
    <hash md5="caf7946275c3e885419b1d36b22cb5f3">
      <version>3.5.2</version>
    </hash>
    <hash md5="05d50a04ef19bd4b0a280362469bf22f">
      <version>3.5.1</version>
    </hash>
    <hash md5="066cfc0f9b29ae6d491aa342ebfb1b71">
      <version>3.5</version>
    </hash>
    <hash md5="36b2b72a0f22138a921a38db890d18c1">
      <version>3.3.3</version>
    </hash>
    <hash md5="628419c327ca5ed8685ae3af6f753eb8">
      <version>3.3.2</version>
    </hash>
    <hash md5="c1ed266e26a829b772362d5135966bc3">
      <version>3.3.1</version>
    </hash>
    <hash md5="9ea06ab0184049bf4ea2410bf51ce402">
      <version>3.0</version>
    </hash>
  </file>
  <file src="wp-includes/css/buttons-rtl.css">
    <hash md5="d24d1d1eb3a4b9a4998e4df1761f8b9e">
      <version>3.9</version>
    </hash>
    <hash md5="71c13ab1693b45fb3d7712e540c4dfe0">
      <version>3.8</version>
    </hash>
  </file>
  <file src="wp-includes/js/tinymce/wp-tinymce.js.gz">
    <!-- Note: 3.7.1 has no unique file (the hash below is the same than the 3.7.2) -->
    <hash md5="44d281b0d84cc494e2b095a6d2202f4d">
      <version>3.7.1</version>
    </hash>
@@ -64,13 +116,6 @@
    </hash>
  </file>
  <file src="$wp-content$/themes/twentyeleven/style.css">
    <!-- same md5 for 3.3.2 -->
    <hash md5="030d3bac906ba69e9fbc99c5bac54a8e">
      <version>3.3.1</version>
    </hash>
  </file>
  <file src="wp-admin/js/common.js">
    <hash md5="4516252d47a73630280869994d510180">
      <version>3.3</version>
--- a/data/wp_vulns.xml
+++ b/data/wp_vulns.xml
@@ -3,6 +3,46 @@
 <vulnerabilities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                 xsi:noNamespaceSchemaLocation="vuln.xsd">
  <wordpress version="3.8.1">
    <vulnerability>
      <title>Administrator-exploitable blind SQLi in WordPress 1.0 - 3.8.1</title>
      <references>
        <url>https://security.dxw.com/advisories/sqli-in-wordpress-3-6-1/</url>
      </references>
      <type>SQLI</type>
    </vulnerability>
    <vulnerability>
      <title>Potential Authentication Cookie Forgery</title>
      <references>
        <osvdb>105620</osvdb>
        <url>https://labs.mwrinfosecurity.com/blog/2014/04/11/wordpress-auth-cookie-forgery/</url>
        <url>https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be</url>
        <cve>2014-0166</cve>
      </references>
      <type>AUTHBYPASS</type>
      <fixed_in>3.8.2</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Privilege escalation: contributors publishing posts</title>
      <references>
        <osvdb>105630</osvdb>
        <url>https://github.com/wpscanteam/wpscan/wiki/CVE-2014-0165</url>
        <cve>2014-0165</cve>
      </references>
      <type>BYPASS</type>
      <fixed_in>3.8.2</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Plupload Unspecified XSS</title>
      <references>
        <osvdb>105622</osvdb>
        <secunia>57769</secunia>
      </references>
      <type>BYPASS</type>
      <fixed_in>3.8.2</fixed_in>
    </vulnerability>
  </wordpress>
  <wordpress version="3.8">
    <vulnerability>
      <title>wp-admin/options-writing.php Cleartext Admin Credentials Disclosure</title>
@@ -15,6 +55,26 @@
  </wordpress>
  <wordpress version="3.7.1">
    <vulnerability>
      <title>Potential Authentication Cookie Forgery</title>
      <references>
        <osvdb>105620</osvdb>
        <url>https://github.com/WordPress/WordPress/commit/78a915e0e5927cf413aa6c2cef2fca3dc587f8be</url>
        <cve>2014-0166</cve>
      </references>
      <type>AUTHBYPASS</type>
      <fixed_in>3.7.2</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Privilege escalation: contributors publishing posts</title>
      <references>
        <osvdb>105630</osvdb>
        <url>https://github.com/wpscanteam/wpscan/wiki/CVE-2014-0165</url>
        <cve>2014-0165</cve>
      </references>
      <type>BYPASS</type>
      <fixed_in>3.7.2</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>wp-admin/options-writing.php Cleartext Admin Credentials Disclosure</title>
      <references>
@@ -23,6 +83,15 @@
      </references>
      <type>AUTHBYPASS</type>
    </vulnerability>
    <vulnerability>
      <title>Plupload Unspecified XSS</title>
      <references>
        <osvdb>105622</osvdb>
        <secunia>57769</secunia>
      </references>
      <type>BYPASS</type>
      <fixed_in>3.7.2</fixed_in>
    </vulnerability>
  </wordpress>
  <wordpress version="3.6">
@@ -288,6 +357,30 @@
      <type>REDIRECT</type>
      <fixed_in>3.6.1</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Shortcodes / Post Content Multiple Unspecified XSS</title>
      <references>
        <osvdb>89576</osvdb>
        <cve>2013-0236</cve>
        <secunia>51967</secunia>
        <url>http://www.securityfocus.com/bid/57554</url>
        <url>http://securitytracker.com/id?1028045</url>
      </references>
      <type>XSS</type>
      <fixed_in>3.5.1</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Plupload Unspecified XSS</title>
      <references>
        <osvdb>89577</osvdb>
        <cve>2013-0237</cve>
        <secunia>51967</secunia>
        <url>http://www.securityfocus.com/bid/57555</url>
        <url>http://securitytracker.com/id?1028045</url>
      </references>
      <type>XSS</type>
      <fixed_in>3.5.1</fixed_in>
    </vulnerability>
  </wordpress>
  <wordpress version="3.4.2">
@@ -352,6 +445,18 @@
      <type>REDIRECT</type>
      <fixed_in>3.6.1</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Plupload Unspecified XSS</title>
      <references>
        <osvdb>89577</osvdb>
        <cve>2013-0237</cve>
        <secunia>51967</secunia>
        <url>http://www.securityfocus.com/bid/57555</url>
        <url>http://securitytracker.com/id?1028045</url>
      </references>
      <type>XSS</type>
      <fixed_in>3.5.1</fixed_in>
    </vulnerability>
  </wordpress>
  <wordpress version="3.4.1">
@@ -409,6 +514,18 @@
      <type>REDIRECT</type>
      <fixed_in>3.6.1</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Plupload Unspecified XSS</title>
      <references>
        <osvdb>89577</osvdb>
        <cve>2013-0237</cve>
        <secunia>51967</secunia>
        <url>http://www.securityfocus.com/bid/57555</url>
        <url>http://securitytracker.com/id?1028045</url>
      </references>
      <type>XSS</type>
      <fixed_in>3.5.1</fixed_in>
    </vulnerability>
  </wordpress>
  <wordpress version="3.4">
@@ -466,6 +583,18 @@
      <type>REDIRECT</type>
      <fixed_in>3.6.1</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Plupload Unspecified XSS</title>
      <references>
        <osvdb>89577</osvdb>
        <cve>2013-0237</cve>
        <secunia>51967</secunia>
        <url>http://www.securityfocus.com/bid/57555</url>
        <url>http://securitytracker.com/id?1028045</url>
      </references>
      <type>XSS</type>
      <fixed_in>3.5.1</fixed_in>
    </vulnerability>
  </wordpress>
  <wordpress version="3.4-beta4">
@@ -511,6 +640,18 @@
      <type>REDIRECT</type>
      <fixed_in>3.6.1</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Plupload Unspecified XSS</title>
      <references>
        <osvdb>89577</osvdb>
        <cve>2013-0237</cve>
        <secunia>51967</secunia>
        <url>http://www.securityfocus.com/bid/57555</url>
        <url>http://securitytracker.com/id?1028045</url>
      </references>
      <type>XSS</type>
      <fixed_in>3.5.1</fixed_in>
    </vulnerability>
  </wordpress>
  <wordpress version="3.3.3">
@@ -549,6 +690,18 @@
      <type>REDIRECT</type>
      <fixed_in>3.6.1</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Plupload Unspecified XSS</title>
      <references>
        <osvdb>89577</osvdb>
        <cve>2013-0237</cve>
        <secunia>51967</secunia>
        <url>http://www.securityfocus.com/bid/57555</url>
        <url>http://securitytracker.com/id?1028045</url>
      </references>
      <type>XSS</type>
      <fixed_in>3.5.1</fixed_in>
    </vulnerability>
  </wordpress>
  <wordpress version="3.3.2">
@@ -625,6 +778,18 @@
      <type>REDIRECT</type>
      <fixed_in>3.6.1</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Plupload Unspecified XSS</title>
      <references>
        <osvdb>89577</osvdb>
        <cve>2013-0237</cve>
        <secunia>51967</secunia>
        <url>http://www.securityfocus.com/bid/57555</url>
        <url>http://securitytracker.com/id?1028045</url>
      </references>
      <type>XSS</type>
      <fixed_in>3.5.1</fixed_in>
    </vulnerability>
  </wordpress>
  <wordpress version="3.3.1">
@@ -1658,6 +1823,7 @@
    <vulnerability>
      <title>wp-includes/comment.php bypass intended spam restrictions via a crafted URL</title>
      <references>
        <osvdb>104693</osvdb>
        <cve>2010-5293</cve>
      </references>
      <type>UNKNOWN</type>
@@ -1792,10 +1958,11 @@
    <vulnerability>
      <title>When a Multisite installation is used, permanently retains the "site administrators can add users" option once changed, which might allow remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances via an add action after a temporary change.</title>
      <references>
        <osvdb>104691</osvdb>
        <cve>2010-5297</cve>
      </references>
      <type>AUTHBYPASS</type>
-      <fixed_in>3.0</fixed_in>
+      <fixed_in>3.0.1</fixed_in>
    </vulnerability>
    <vulnerability>
      <title>Crafted String URL Redirect Restriction Bypass</title>
@@ -1838,6 +2005,7 @@
    <vulnerability>
      <title>wp-includes/comment.php bypass intended spam restrictions via a crafted URL</title>
      <references>
        <osvdb>104693</osvdb>
        <cve>2010-5293</cve>
      </references>
      <type>UNKNOWN</type>
--- a/lib/common/browser.rb
+++ b/lib/common/browser.rb
@@ -23,6 +23,8 @@ class Browser
  attr_reader :hydra, :cache_dir
  attr_accessor :referer
  # @param [ Hash ] options
  #
  # @return [ Browser ]
@@ -135,6 +137,7 @@ class Browser
      )
    end
    params.merge!(referer: referer)
    params.merge!(timeout: @request_timeout) if @request_timeout
    params.merge!(connecttimeout: @connect_timeout) if @connect_timeout
--- a/lib/common/collections/wp_items/detectable.rb
+++ b/lib/common/collections/wp_items/detectable.rb
@@ -17,6 +17,7 @@ class WpItems < Array
      hydra            = browser.hydra
      targets          = targets_items(wp_target, options)
      progress_bar     = progress_bar(targets.size, options)
      queue_count      = 0
      exist_options    = {
        error_404_hash:  wp_target.error_404_hash,
        homepage_hash:   wp_target.homepage_hash,
@@ -43,8 +44,16 @@ class WpItems < Array
        end
        hydra.queue(request)
        queue_count += 1
        if queue_count >= browser.max_threads
          hydra.run
          queue_count = 0
          puts "Sent #{browser.max_threads} requests ..." if options[:verbose]
        end
      end
      # run the remaining requests
      hydra.run
      results.sort!
      results # can't just return results.sort because the #sort returns an array, and we want a WpItems
--- a/lib/common/common_helper.rb
+++ b/lib/common/common_helper.rb
@@ -34,7 +34,7 @@ WP_VERSIONS_XSD     = DATA_DIR + '/wp_versions.xsd'
 LOCAL_FILES_XSD     = DATA_DIR + '/local_vulnerable_files.xsd'
 USER_AGENTS_FILE    = DATA_DIR + '/user-agents.txt'
-WPSCAN_VERSION       = '2.3'
+WPSCAN_VERSION       = '2.4'
 $LOAD_PATH.unshift(LIB_DIR)
 $LOAD_PATH.unshift(WPSCAN_LIB_DIR)
@@ -64,6 +64,14 @@ end
 require_files_from_directory(COMMON_LIB_DIR, '**/*.rb')
 # Hook to check if the target if down during the scan
 # The target is considered down after 10 requests with status = 0
 down = 0
 Typhoeus.on_complete do |response|
  down += 1 if response.code == 0
  fail 'The target seems to be down' if down >= 10
 end
 # Add protocol
 def add_http_protocol(url)
  url =~ /^https?:/ ? url : "http://#{url}"
--- a/lib/common/models/wp_theme/findable.rb
+++ b/lib/common/models/wp_theme/findable.rb
@@ -43,8 +43,6 @@ class WpTheme < WpItem
      end
    end
    # http://code.google.com/p/wpscan/issues/detail?id=141
    #
    # @param [ URI ] target_uri
    #
    # @return [ WpTheme ]
--- a/lib/common/models/wp_user.rb
+++ b/lib/common/models/wp_user.rb
@@ -12,7 +12,7 @@ class WpUser < WpItem
  # @return [ Array<Symbol> ]
  def allowed_options; [:id, :login, :display_name, :password] end
-  # @return [ URI ] The uri to the auhor page
+  # @return [ URI ] The uri to the author page
  def uri
    if id
      return @uri.merge("?author=#{id}")
@@ -54,8 +54,8 @@ class WpUser < WpItem
  # @return [ String ]
  def to_s
    s  = "#{id}"
-    s += " | #{login}" if login
+    s << " | #{login}" if login
-    s += " | #{display_name}" if display_name
+    s << " | #{display_name}" if display_name
    s
  end
--- a/lib/common/models/wp_version/findable.rb
+++ b/lib/common/models/wp_version/findable.rb
@@ -190,8 +190,6 @@ class WpVersion < WpItem
    # Attempts to find the WordPress version from the sitemap.xml file.
    #
    # See: http://code.google.com/p/wpscan/issues/detail?id=109
    #
    # @param [ URI ] target_uri
    #
    # @return [ String ] The version number
--- a/lib/wpscan/web_site.rb
+++ b/lib/wpscan/web_site.rb
@@ -71,7 +71,7 @@ class WebSite
  #
  # @return [ String ] The MD5 hash of the page
  def self.page_hash(page)
-    page = Browser.get(page) unless page.is_a?(Typhoeus::Response)
+    page = Browser.get(page, { followlocation: true, cache_ttl: 0 }) unless page.is_a?(Typhoeus::Response)
    Digest::MD5.hexdigest(page.body.gsub(/<!--.*?-->/m, ''))
  end
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -29,6 +29,7 @@ class WpTarget < WebSite
    @multisite      = nil
    Browser.instance(options.merge(:max_threads => options[:threads]))
    Browser.instance.referer = url
  end
  # check if the target website is
@@ -38,6 +39,11 @@ class WpTarget < WebSite
    response = Browser.get_and_follow_location(@uri.to_s)
    # Note: in the future major WPScan version, change the user-agent to see
    # if the response is a 200 ?
    fail "The target is responding with a 403, this might be due to a WAF or a plugin\n" \
          'You should try to supply a valid user-agent via the --user-agent option' if response.code == 403
    if response.body =~ /["'][^"']*\/wp-content\/[^"']*["']/i
      wordpress = true
    else
@@ -93,7 +99,7 @@ class WpTarget < WebSite
  end
  # :nocov:
-  # The version is not yet considerated
+  # The version is not yet considered
  #
  # @param [ String ] name
  # @param [ String ] version
--- a/lib/wpscan/wp_target/wp_login_protection.rb
+++ b/lib/wpscan/wp_target/wp_login_protection.rb
@@ -12,7 +12,6 @@ class WpTarget < WebSite
    end
    # Checks if a login protection plugin is enabled
    # http://code.google.com/p/wpscan/issues/detail?id=111
    # return a WpPlugin object or nil if no one is found
    def login_protection_plugin
      unless @login_protection_plugin
--- a/lib/wpscan/wpscan_helper.rb
+++ b/lib/wpscan/wpscan_helper.rb
@@ -101,5 +101,6 @@ def help
  puts '--max-threads <max-threads>  Maximum Threads'
  puts '--help     | -h This help screen.'
  puts '--verbose  | -v Verbose output.'
  puts '--batch Never ask for user input, use the default behaviour.'
  puts
 end
--- a/lib/wpscan/wpscan_options.rb
+++ b/lib/wpscan/wpscan_options.rb
@@ -3,6 +3,7 @@
 class WpscanOptions
  ACCESSOR_OPTIONS = [
    :batch,
    :enumerate_plugins,
    :enumerate_only_vulnerable_plugins,
    :enumerate_all_plugins,
@@ -252,10 +253,11 @@ class WpscanOptions
      ['--basic-auth', GetoptLong::REQUIRED_ARGUMENT],
      ['--debug-output', GetoptLong::NO_ARGUMENT],
      ['--version', GetoptLong::NO_ARGUMENT],
-      ['--cache_ttl', GetoptLong::REQUIRED_ARGUMENT],
+      ['--cache-ttl', GetoptLong::REQUIRED_ARGUMENT],
-      ['--request_timeout', GetoptLong::REQUIRED_ARGUMENT],
+      ['--request-timeout', GetoptLong::REQUIRED_ARGUMENT],
-      ['--connect_timeout', GetoptLong::REQUIRED_ARGUMENT],
+      ['--connect-timeout', GetoptLong::REQUIRED_ARGUMENT],
-      ['--max_threads', GetoptLong::REQUIRED_ARGUMENT]
+      ['--max-threads', GetoptLong::REQUIRED_ARGUMENT],
      ['--batch', GetoptLong::NO_ARGUMENT]
    )
  end
--- a/lib/wpstools/plugins/checker/checker_plugin.rb
+++ b/lib/wpstools/plugins/checker/checker_plugin.rb
@@ -32,10 +32,12 @@ class CheckerPlugin < Plugin
      xml = xml(vuln_ref_file)
      urls = []
-      xml.xpath('//reference').each { |node| urls << node.text }
+      xml.xpath('//references/url').each { |node| urls << node.text }
      urls.uniq!
      puts "[!] No URLs found in #{vuln_ref_file}!" if urls.empty?
      dead_urls       = []
      queue_count     = 0
      request_count   = 0
--- a/lib/wpstools/plugins/stats/stats_plugin.rb
+++ b/lib/wpstools/plugins/stats/stats_plugin.rb
@@ -20,7 +20,6 @@ class StatsPlugin < Plugin
      puts "WPScan Database Statistics:"
      puts "---------------------------"
      puts "[#] Total WordPress Sites in the World: #{get_wp_installations}"
      puts
      puts "[#] Total vulnerable versions: #{vuln_core_count}"
      puts "[#] Total vulnerable plugins:  #{vuln_plugin_count}"
@@ -79,9 +78,4 @@ class StatsPlugin < Plugin
    IO.readlines(file).size
  end
  def get_wp_installations()
    page = Nokogiri::HTML(Typhoeus.get('http://en.wordpress.com/stats/').body)
    page.css('span[class="stats-flipper-number"]').text
  end
 end
--- a/spec/lib/common/browser_spec.rb
+++ b/spec/lib/common/browser_spec.rb
@@ -131,7 +131,8 @@ describe Browser do
        ssl_verifypeer: false, ssl_verifyhost: 0,
        cookiejar: cookie_jar, cookiefile: cookie_jar,
        timeout: 2000, connecttimeout: 1000,
-        maxredirs: 3
+        maxredirs: 3,
        referer: nil
      }
    }
--- a/spec/lib/wpscan/wp_target_spec.rb
+++ b/spec/lib/wpscan/wp_target_spec.rb
@@ -97,6 +97,14 @@ describe WpTarget do
        wp_target.should_not be_wordpress
      end
    end
    context 'when the response is a 403' do
      before { stub_request(:any, /.*/).to_return(status: 403) }
      it 'raises an error' do
        expect { wp_target.wordpress? }.to raise_error
      end
    end
  end
  describe '#wordpress_hosted?' do
--- a/spec/shared_examples/wp_target/wp_readme.rb
+++ b/spec/shared_examples/wp_target/wp_readme.rb
@@ -27,7 +27,6 @@ shared_examples 'WpTarget::WpReadme' do
      @expected = true
    end
    # http://code.google.com/p/wpscan/issues/detail?id=108
    it 'returns true even if the readme.html is not in english' do
      @stub     = { status: 200, body: File.new(fixtures_dir + '/readme-3.3.2-fr.html') }
      @expected = true
--- a/stop_user_enumeration_bypass.rb
+++ b/stop_user_enumeration_bypass.rb
@@ -0,0 +1,73 @@
 #!/usr/bin/env ruby
 # encoding: UTF-8
 #
 #
 # Script based on http://seclists.org/fulldisclosure/2014/Feb/3
 require File.join(File.dirname(__FILE__), 'lib/wpscan/wpscan_helper')
@opts = {
  ids: 1..10,
  verbose: false,
  user_agent: 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:9.0) Gecko/20100101 Firefox/9.0'
 }
 parser = OptionParser.new('Usage: ./stop_user_enumeration_bypass.rb <Target URL> [options]', 35) do |opts|
  opts.on('--proxy PROXY', 'Proxy to use') do |proxy|
    @opts[:proxy] = proxy
  end
  opts.on('--auth Username:Password', 'Credentials to use if Basic/NTLM auth') do |creds|
    @opts[:creds] = creds
  end
  opts.on('--ids START-END', 'The ids to check, default is 1-10') do |ids|
    @opts[:ids] = Range.new(*ids.split('-').map(&:to_i))
  end
  opts.on('--user-agent UA', 'The user-agent to use') do |ua|
    @opts[:user_agent] = ua
  end
  opts.on('--verbose', '-v', 'Verbose Mode') do
    @opts[:verbose] = true
  end
 end
 begin
  parser.parse!
  fail "#{red('The target URL must be supplied')}\n\n#{parser}" unless ARGV[0]
  uri = URI.parse(add_trailing_slash(add_http_protocol(ARGV[0])))
  request_params = {
    proxy: @opts[:proxy],
    userpwd: @opts[:creds],
    headers: { 'User-Agent' => @opts[:user_agent] },
    followlocation: true,
    ssl_verifypeer: false,
    ssl_verifyhost: 2
  }
  detected_users = WpUsers.new
  @opts[:ids].each do |user_id|
    user = WpUser.new(uri, id: user_id)
    if user.exists_from_response?(Typhoeus.post(uri, request_params.merge(body: { author: user_id })))
      detected_users << user
    end
  end
  puts 'Usernames found:'
  detected_users.output
 rescue => e
  puts e.message
  if @opts[:verbose]
    puts red('Trace:')
    puts red(e.backtrace.join("\n"))
  end
  exit(1)
 end
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -63,12 +63,11 @@ def main
      end
    end
-    redirection = wp_target.redirection
+    if (redirection = wp_target.redirection)
    if redirection
      if wpscan_options.follow_redirection
        puts "Following redirection #{redirection}"
        puts
      else
 <<<<<<< HEAD
        puts "#{blue('[i]')} The remote host tried to redirect to: #{redirection}"
        print "[?] Do you want follow the redirection ? [y/n] "
      end
@@ -79,6 +78,22 @@ def main
      else
        puts "#{red('[!]')} Scan aborted"
        exit(0)
 =======
        puts "The remote host redirects to: #{redirection}"
        puts '[?] Do you want follow the redirection ? [Y]es [N]o [A]bort, default: [N]'
      end
      if wpscan_options.follow_redirection || !wpscan_options.batch
        if wpscan_options.follow_redirection || (input = Readline.readline) =~ /^y/i
          wpscan_options.url = redirection
          wp_target = WpTarget.new(redirection, wpscan_options.to_h)
        else
          if input =~ /^a/i
            puts 'Scan aborted'
            exit(0)
          end
        end
 >>>>>>> master
      end
    end
@@ -100,8 +115,8 @@ def main
    unless wp_target.wp_plugins_dir_exists?
      puts "The plugins directory '#{wp_target.wp_plugins_dir}' does not exist."
      puts 'You can specify one per command line option (don\'t forget to include the wp-content directory if needed)'
-      print '[?] Continue? [y/n] '
+      puts '[?] Continue? [Y]es [N]o, default: [N]'
-      unless Readline.readline =~ /^y/i
+      if wpscan_options.batch || Readline.readline !~ /^y/i
        exit(0)
      end
    end
@@ -294,6 +309,11 @@ def main
      puts
      puts "#{green('[+]')} Enumerating usernames ..."
      if wp_target.has_plugin?('stop-user-enumeration')
        puts "#{red('[!]')} Stop User Enumeration plugin detected, results might be empty. " \
             "However a bypass exists, see stop_user_enumeration_bypass.rb in #{File.expand_path(File.dirname(__FILE__))}"
      end
      wp_users = WpUsers.aggressive_detection(wp_target,
        enum_options.merge(
          range: wpscan_options.enumerate_usernames_range,
@@ -328,11 +348,11 @@ def main
        puts
        puts "#{red('[!]')} The plugin #{protection_plugin.name} has been detected. It might record the IP and timestamp of every failed login and/or prevent brute forcing altogether. Not a good idea for brute forcing!"
-        print "[?] Do you want to start the brute force anyway ? [y/n] "
+        puts '[?] Do you want to start the brute force anyway ? [Y]es [N]o, default: [N]'
-        bruteforce = false if Readline.readline !~ /^y/i
+        bruteforce = false if wpscan_options.batch || Readline.readline !~ /^y/i
      end
-      puts
+
      if bruteforce
        puts "#{green('[+]')} Starting the password brute forcer"
@@ -364,11 +384,11 @@ def main
  rescue SystemExit, Interrupt
  rescue => e
-    if e.backtrace[0] =~ /main/
+    puts
    puts red(e.message)
-    else
+
-      puts red("[ERROR] #{e.message}")
+    if wpscan_options && wpscan_options.verbose
-      puts red("Trace:")
+      puts red('Trace:')
      puts red(e.backtrace.join("\n"))
    end
    exit(1)