Ref #17 : Removed the output of plugins from passive detection if the user enumerate plugins or only vulnerable plugins (but they are still merged)

wpscan.rb

@@ -150,26 +150,28 @@ begin
     end
   end
 
-  puts
+  if wpscan_options.enumerate_plugins == nil and wpscan_options.enumerate_only_vulnerable_plugins == nil
-  print "[+] Enumerating plugins from passive detection ... "
+    puts
+    print "[+] Enumerating plugins from passive detection ... "
 
-  plugins = wp_target.plugins_from_passive_detection
+    plugins = wp_target.plugins_from_passive_detection
-  unless plugins.empty?
+    unless plugins.empty?
-    print "#{plugins.size} found :\n"
+      print "#{plugins.size} found :\n"
 
-    plugins.each do |plugin|
+      plugins.each do |plugin|
-      puts
+        puts
-      puts " | Name: " + plugin.name
+        puts " | Name: " + plugin.name
-      puts " | Location: " + plugin.location_url.gsub("$wp-plugins$", wp_target.wp_plugins_dir()) #Hotfix
+        puts " | Location: " + plugin.location_url.gsub("$wp-plugins$", wp_target.wp_plugins_dir()) #Hotfix
 
-      plugin.vulnerabilities.each do |vulnerability|
+        plugin.vulnerabilities.each do |vulnerability|
-        puts " |"
+          puts " |"
-        puts " | [!] " + vulnerability.title
+          puts " | [!] " + vulnerability.title
-        puts " | * Reference: " + vulnerability.reference
+          puts " | * Reference: " + vulnerability.reference
+        end
       end
+    else
+      print "No plugins found :(\n"
     end
-  else
-    print "No plugins found :(\n"
   end
 
   # Enumerate the installed plugins