diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 1d7ec8ef..8538cbb7 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -1529,9 +1529,10 @@
3.5.4
- Better WP Security v3.4.3
+ Better WP Security v3.4.3 Multiple XSShttp://seclists.org/bugtraq/2012/Oct/9XSS
+ 3.4.4Better WP Security <= 3.2.4 Cross Site Scripting
diff --git a/lib/wpscan/web_site.rb b/lib/wpscan/web_site.rb
index 7f7b2504..13e815ce 100644
--- a/lib/wpscan/web_site.rb
+++ b/lib/wpscan/web_site.rb
@@ -26,36 +26,19 @@ class WebSite
end
def has_xml_rpc?
- !xml_rpc_url.nil?
+ response = Browser.get_and_follow_location(xml_rpc_url)
+ response.body =~ %r{XML-RPC server accepts POST requests only}i
end
# See http://www.hixie.ch/specs/pingback/pingback-1.0#TOC2.3
def xml_rpc_url
unless @xmlrpc_url
- @xmlrpc_url = xml_rpc_url_from_headers() || xml_rpc_url_from_body()
+ @xmlrpc_url = @uri.merge('xmlrpc.php').to_s
end
+
@xmlrpc_url
end
- def xml_rpc_url_from_headers
- headers = Browser.get(@uri.to_s).headers_hash
- xmlrpc_url = nil
-
- unless headers.nil?
- pingback_url = headers['X-Pingback']
- unless pingback_url.nil? || pingback_url.empty?
- xmlrpc_url = pingback_url
- end
- end
- xmlrpc_url
- end
-
- def xml_rpc_url_from_body
- body = Browser.get(@uri.to_s).body
-
- body[%r{}, 1]
- end
-
# See if the remote url returns 30x redirect
# This method is recursive
# Return a string with the redirection or nil
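Review bot: `has_xml_rpc?` now returns the Integer offset from `=~` (or nil) instead of a boolean, so a caller comparing against true/false or printing the result gets a surprising value; wrap it as `!!(response.body =~ %r{XML-RPC server accepts POST requests only}i)`. Because the predicate now performs a request, a response whose body is nil would raise NoMethodError here rather than yield false — what `Browser.get_and_follow_location` returns on failure is not visible in the hunk, so either a `response.body.to_s` or a nil guard is worth adding depending on that contract. `xml_rpc_url` also drops the X-Pingback and body discovery and always assumes `xmlrpc.php` under @uri, so a site exposing XML-RPC at a non-default location is no longer detected; a comment such as `# Assumes the default location; X-Pingback is no longer consulted` on `xml_rpc_url` would make that trade-off explicit. If @uri lacks a trailing slash, `URI#merge('xmlrpc.php')` replaces the last path segment rather than appending — presumably @uri is normalised elsewhere, but that is outside this hunk.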
@@ -105,7 +88,7 @@ class WebSite
end
# Will try to find the rss url in the homepage
- # Only the first one found iw returned
+ # Only the first one found is returned
def rss_url
homepage_body = Browser.get(@uri.to_s).body
homepage_body[%r{}, 1]
diff --git a/lib/wpscan/wp_target.rb b/lib/wpscan/wp_target.rb
index 750d3927..4c530c3a 100644
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -43,9 +43,8 @@ class WpTarget < WebSite
if response.body =~ /["'][^"']*\/wp-content\/[^"']*["']/i
wordpress = true
else
- response = Browser.get_and_follow_location(xml_rpc_url)
- if response.body =~ %r{XML-RPC server accepts POST requests only}i
+ if has_xml_rpc?
wordpress = true
else
response = Browser.get_and_follow_location(login_url)
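Review bot: With the `response = ...` assignment removed, the `else` on the third context line now wraps nothing but a nested `if`, so the branch can collapse to `elsif has_xml_rpc?` and lose one level of nesting (with the matching `end` dropped). Since `has_xml_rpc?` now issues its own request, a failure in that fetch is no longer observable through the local `response` in this method. The enclosing method starts and ends outside the hunk.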
diff --git a/spec/lib/common/models/wp_version/findable_spec.rb b/spec/lib/common/models/wp_version/findable_spec.rb
index 35395f76..994ff744 100644
--- a/spec/lib/common/models/wp_version/findable_spec.rb
+++ b/spec/lib/common/models/wp_version/findable_spec.rb
@@ -167,6 +167,8 @@ describe 'WpVersion::Findable' do
let(:version_xml) {}
after do
+ stub_request(:get, /#{uri.to_s}.*/).to_return(status: 0)
+
version = WpVersion.find(uri, wp_content_dir, wp_plugins_dir, version_xml)
version.should == @expected
if @expected
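Review bot: The catch-all stub added in the `after` block interpolates `uri.to_s` into a Regexp without escaping, so the dots in the host match any character; use `stub_request(:get, /#{Regexp.escape(uri.to_s)}.*/).to_return(status: 0)`. It is also registered after the per-example stubs, and as far as I recall WebMock prefers the most recently declared matching stub, so this broad pattern may shadow the specific responses each example sets up — worth confirming, and if so moving the fallback into a `before` so it is declared first. The `after` block continues past the hunk.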
diff --git a/spec/lib/wpscan/web_site_spec.rb b/spec/lib/wpscan/web_site_spec.rb
index e90ee87e..a3585b36 100644
--- a/spec/lib/wpscan/web_site_spec.rb
+++ b/spec/lib/wpscan/web_site_spec.rb
@@ -63,111 +63,22 @@ describe 'WebSite' do
end
end
- describe '#xml_rpc_url_from_headers' do
- context 'when the x-pingback is' do
-
- context 'correctly supplied' do
- it 'returns the url in the header : http://example.localhost/xmlrpc.php' do
- xmlrpc = 'http://example.localhost/xmlrpc.php'
- stub_request(:get, web_site.url).
- to_return(status: 200, headers: { 'X-Pingback' => xmlrpc })
-
- web_site.xml_rpc_url_from_headers.should === xmlrpc
- end
- end
-
- context 'not supplied' do
- it 'returns nil' do
- stub_request(:get, web_site.url).to_return(status: 200)
- web_site.xml_rpc_url_from_headers.should be_nil
- end
-
- context 'but there is another header field' do
- it 'returns nil' do
- stub_request(:get, web_site.url).
- to_return(status:200, headers: { 'another-field' => 'which we do not care' })
-
- web_site.xml_rpc_url_from_headers.should be_nil
- end
- end
- end
-
- context 'empty' do
- it 'returns nil' do
- stub_request(:get, web_site.url).
- to_return(status: 200, headers: { 'X-Pingback' => '' })
-
- web_site.xml_rpc_url_from_headers.should be_nil
- end
- end
-
- end
- end
-
- describe '#xml_rpc_url_from_body' do
- context 'when the pattern does not match' do
- it 'returns nil' do
- stub_request_to_fixture(url: web_site.url, fixture: fixtures_dir + '/xml_rpc_url/body_dont_match.html')
-
- web_site.xml_rpc_url_from_body.should be_nil
- end
- end
-
- context 'when the pattern match' do
- it 'return the url' do
- stub_request_to_fixture(url: web_site.url, fixture: fixtures_dir + '/xml_rpc_url/body_match.html')
-
- web_site.xml_rpc_url_from_body.should == 'http://lamp/wordpress-3.5.1/xmlrpc.php'
- end
- end
- end
-
describe '#xml_rpc_url' do
- after :each do
- web_site.xml_rpc_url.should === xmlrpc_url
- end
-
- context 'when found in the headers' do
- let(:xmlrpc_url) { 'http://from-headers.localhost/xmlrpc.php' }
-
- it 'returns the url' do
- web_site.stub(xml_rpc_url_from_headers: xmlrpc_url)
- end
- end
-
- context 'when found in the body' do
- let(:xmlrpc_url) { 'http://from-body.localhost/xmlrpc.php' }
-
- it 'returns the url' do
- web_site.stub(
- xml_rpc_url_from_headers: nil,
- xml_rpc_url_from_body: xmlrpc_url
- )
- end
- end
-
- context 'when not found' do
- let(:xmlrpc_url) { nil }
-
- it 'returns nil' do
- web_site.stub(
- xml_rpc_url_from_headers: nil,
- xml_rpc_url_from_body: nil
- )
- end
+ it 'returns the xmlrpc url' do
+ web_site.xml_rpc_url.should === "http://example.localhost/xmlrpc.php"
end
end
describe '#has_xml_rpc?' do
it 'returns true' do
- stub_request(:get, web_site.url).
- to_return(status: 200, headers: { 'X-Pingback' => 'xmlrpc' })
+ stub_request(:get, web_site.xml_rpc_url).
+ to_return(status: 200, body: "XML-RPC server accepts POST requests only")
web_site.should have_xml_rpc
end
it 'returns false' do
- stub_request(:get, web_site.url).to_return(status: 200)
+ stub_request(:get, web_site.xml_rpc_url).to_return(status: 200)
web_site.should_not have_xml_rpc
end
end
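Review bot: The new `#has_xml_rpc?` examples cover only a 200 carrying the marker and an empty 200 body; the usual negative case for a host without WordPress, a 404 for xmlrpc.php, is not exercised, and since the method decides on the body alone an example with `stub_request(:get, web_site.xml_rpc_url).to_return(status: 404, body: 'Not Found')` followed by `web_site.should_not have_xml_rpc` would pin that. The `#xml_rpc_url` example hard-codes `"http://example.localhost/xmlrpc.php"` and compares with `===`; deriving the expectation from the `web_site` fixture's url with `==` would keep it in step with the fixture if that changes. `web_site` and the outer describe are defined outside the hunk.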