Fixes #1318

2019-03-20 08:41:39 +00:00
parent 5f2b8f8a2e
commit 6304fe4c19
3 changed files with 9 additions and 3 deletions
--- a/lib/wpscan/target/platform/wordpress/custom_directories.rb
+++ b/lib/wpscan/target/platform/wordpress/custom_directories.rb
@@ -15,7 +15,7 @@ module WPScan
        def content_dir
          unless @content_dir
            escaped_url = Regexp.escape(url).gsub(/https?/i, 'https?')
-            pattern     = %r{#{escaped_url}([^\/]+)\/(?:themes|plugins|uploads|cache)\/}i
+            pattern     = %r{#{escaped_url}([\w\s\-\/]+)\/(?:themes|plugins|uploads|cache)\/}i

            in_scope_urls(homepage_res) do |url|
              return @content_dir = Regexp.last_match[1] if url.match(pattern)