Updates deps

app/finders/interesting_findings/mu_plugins.rb

@@ -9,8 +9,8 @@ module WPScan
         def passive(_opts = {})
           pattern = %r{#{target.content_dir}/mu\-plugins/}i
 
-          target.in_scope_urls(target.homepage_res) do |url|
-            next unless Addressable::URI.parse(url).path =~ pattern
+          target.in_scope_uris(target.homepage_res) do |uri|
+            next unless uri.path =~ pattern
 
             url = target.url('wp-content/mu-plugins/')
 

app/finders/main_theme/css_style.rb

@@ -20,10 +20,10 @@ module WPScan
         end
 
         def passive_from_css_href(res, opts)
-          target.in_scope_urls(res, '//style/@src|//link/@href') do |url|
-            next unless Addressable::URI.parse(url).path =~ %r{/themes/([^\/]+)/style.css\z}i
+          target.in_scope_uris(res, '//style/@src|//link/@href') do |uri|
+            next unless uri.path =~ %r{/themes/([^\/]+)/style.css\z}i
 
-            return create_theme(Regexp.last_match[1], url, opts)
+            return create_theme(Regexp.last_match[1], uri.to_s, opts)
           end
           nil
         end

app/finders/users/author_id_brute_forcing.rb

@@ -83,8 +83,8 @@ module WPScan
         # @return [ String, nil ] The username found
         def username_from_response(res)
           # Permalink enabled
-          target.in_scope_urls(res, '//link/@href|//a/@href') do |url|
-            username = username_from_author_url(url)
+          target.in_scope_uris(res, '//link/@href|//a/@href') do |uri|
+            username = username_from_author_url(uri.to_s)
             return username if username
           end
 

app/finders/users/author_posts.rb

@@ -45,9 +45,7 @@ module WPScan
         def potential_usernames(res)
           usernames = []
 
-          target.in_scope_urls(res, '//a/@href') do |url, node|
-            uri = Addressable::URI.parse(url)
-
+          target.in_scope_uris(res, '//a/@href') do |uri, node|
             if uri.path =~ %r{/author/([^/\b]+)/?\z}i
               usernames << [Regexp.last_match[1], 'Author Pattern', 100]
             elsif /author=[0-9]+/.match?(uri.query)

app/finders/users/wp_json_api.rb

@@ -57,9 +57,7 @@ module WPScan
         def api_url
           return @api_url if @api_url
 
-          target.in_scope_urls(target.homepage_res, "//link[@rel='https://api.w.org/']/@href").each do |url, _tag|
-            uri = Addressable::URI.parse(url.strip)
-
+          target.in_scope_uris(target.homepage_res, "//link[@rel='https://api.w.org/']/@href").each do |uri|
             return @api_url = uri.join('wp/v2/users/').to_s if uri.path.include?('wp-json')
           end
 

app/finders/wp_items/urls_in_homepage.rb

@@ -12,8 +12,8 @@ module WPScan
         def items_from_links(type, uniq = true)
           found = []
 
-          target.in_scope_urls(target.homepage_res) do |url|
-            next unless url =~ item_attribute_pattern(type)
+          target.in_scope_uris(target.homepage_res) do |uri|
+            next unless uri.to_s =~ item_attribute_pattern(type)
 
             found << Regexp.last_match[1]
           end

app/models/wp_item.rb

@@ -13,7 +13,7 @@ module WPScan
 
       attr_reader :uri, :slug, :detection_opts, :version_detection_opts, :blog, :path_from_blog, :db_data
 
-      delegate :homepage_res, :xpath_pattern_from_page, :in_scope_urls, :head_or_get_params, to: :blog
+      delegate :homepage_res, :xpath_pattern_from_page, :in_scope_uris, :head_or_get_params, to: :blog
 
       # @param [ String ] slug The plugin/theme slug
       # @param [ Target ] blog The targeted blog

lib/wpscan/finders/dynamic_finder/version/query_parameter.rb

@@ -35,15 +35,13 @@ module WPScan
           def scan_response(response)
             found = {}
 
-            target.in_scope_urls(response, xpath) do |url, _tag|
-              uri = Addressable::URI.parse(url)
-
+            target.in_scope_uris(response, xpath) do |uri|
               next unless uri.path =~ path_pattern && uri.query&.match(self.class::PATTERN)
 
               version = Regexp.last_match[:v].to_s
 
               found[version] ||= []
-              found[version] << url
+              found[version] << uri.to_s
             end
 
             found

lib/wpscan/target/platform/wordpress.rb

@@ -24,8 +24,8 @@ module WPScan
         #
         # @return [ Boolean ]
         def wordpress?(detection_mode)
-          in_scope_urls(homepage_res) do |url|
-            return true if Addressable::URI.parse(url).path.match(WORDPRESS_PATTERN)
+          in_scope_uris(homepage_res) do |uri|
+            return true if uri.path.match(WORDPRESS_PATTERN)
           end
 
           homepage_res.html.css('meta[name="generator"]').each do |node|
@@ -36,8 +36,8 @@ module WPScan
 
           if %i[mixed aggressive].include?(detection_mode)
             %w[wp-admin/install.php wp-login.php].each do |path|
-              in_scope_urls(Browser.get_and_follow_location(url(path))).each do |url|
-                return true if Addressable::URI.parse(url).path.match(WORDPRESS_PATTERN)
+              in_scope_uris(Browser.get_and_follow_location(url(path))).each do |uri|
+                return true if uri.path.match(WORDPRESS_PATTERN)
               end
             end
           end
@@ -85,8 +85,8 @@ module WPScan
           unless content_dir(:passive)
             pattern = %r{https?://s\d\.wp\.com#{WORDPRESS_PATTERN}}i.freeze
 
-            urls_from_page(homepage_res) do |url|
-              return true if url.match?(pattern)
+            uris_from_page(homepage_res) do |uri|
+              return true if uri.to_s.match?(pattern)
             end
           end
 

lib/wpscan/target/platform/wordpress/custom_directories.rb

@@ -20,8 +20,8 @@ module WPScan
             # scope_url_pattern is from CMSScanner::Target
             pattern = %r{#{scope_url_pattern}([\w\s\-/]+)\\?/(?:themes|plugins|uploads|cache)\\?/}i
 
-            in_scope_urls(homepage_res) do |url|
-              return @content_dir = Regexp.last_match[1] if url.match(pattern)
+            in_scope_uris(homepage_res) do |uri|
+              return @content_dir = Regexp.last_match[1] if uri.to_s.match(pattern)
             end
 
             # Checks for the pattern in raw JS code, as well as @content attributes of meta tags
@@ -105,8 +105,8 @@ module WPScan
             # url_pattern is from CMSScanner::Target
             pattern = %r{#{url_pattern}(.+?)/(?:xmlrpc\.php|wp\-includes/)}i
 
-            in_scope_urls(homepage_res) do |url|
-              return @sub_dir = Regexp.last_match[1] if url.match(pattern)
+            in_scope_uris(homepage_res) do |uri|
+              return @sub_dir = Regexp.last_match[1] if uri.to_s.match(pattern)
             end
 
             @sub_dir = false

wpscan.gemspec

@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
   s.executables           = ['wpscan']
   s.require_paths         = ['lib']
 
-  s.add_dependency 'cms_scanner', '~> 0.0.44.3'
+  s.add_dependency 'cms_scanner', '~> 0.5.0'
 
   s.add_development_dependency 'bundler',   '>= 1.6'
   s.add_development_dependency 'coveralls', '~> 0.8.0'
@@ -29,7 +29,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'rake', '~> 12.3'
   s.add_development_dependency 'rspec', '~> 3.8.0'
   s.add_development_dependency 'rspec-its', '~> 1.3.0'
-  s.add_development_dependency 'rubocop', '~> 0.67.1'
+  s.add_development_dependency 'rubocop', '~> 0.67.2'
   s.add_development_dependency 'simplecov', '~> 0.16.1'
   s.add_development_dependency 'stackprof', '~> 0.2.12'
   s.add_development_dependency 'webmock', '~> 3.5.1'