diff --git a/data/plugin_vulns.xml b/data/plugin_vulns.xml
index 3f6a260b..de0eb80a 100644
--- a/data/plugin_vulns.xml
+++ b/data/plugin_vulns.xml
@@ -3144,6 +3144,7 @@
http://blog.sucuri.net/2013/04/update-wp-super-cache-and-w3tc-immediately-remote-code-execution-vulnerability-disclosed.html
exploits/unix/webapp/php_wordpress_total_cache
RCE
+ 0.9.2.9
diff --git a/data/vuln.xsd b/data/vuln.xsd
index a2c286bf..a11e3910 100644
--- a/data/vuln.xsd
+++ b/data/vuln.xsd
@@ -51,6 +51,7 @@
+
diff --git a/lib/common/models/vulnerability.rb b/lib/common/models/vulnerability.rb
index e4b89ae2..83b15733 100755
--- a/lib/common/models/vulnerability.rb
+++ b/lib/common/models/vulnerability.rb
@@ -5,20 +5,22 @@ require 'vulnerability/output'
class Vulnerability
include Vulnerability::Output
- attr_accessor :title, :references, :type, :metasploit_modules
+ attr_accessor :title, :references, :type, :fixed_in, :metasploit_modules
#
# @param [ String ] title The title of the vulnerability
# @param [ String ] type The type of the vulnerability
# @param [ Array ] references References urls
# @param [ Array ] metasploit_modules Metasploit modules for the vulnerability
+ # @param [ String ] fixed_in Vuln fixed in Version X
#
# @return [ Vulnerability ]
- def initialize(title, type, references, metasploit_modules = [])
+ def initialize(title, type, references, metasploit_modules = [], fixed_in)
@title = title
@type = type
@references = references
@metasploit_modules = metasploit_modules
+ @fixed_in = fixed_in
end
# @param [ Vulnerability ] other
@@ -26,7 +28,11 @@ class Vulnerability
# @return [ Boolean ]
# :nocov:
def ==(other)
- title == other.title && type == other.type && references == other.references
+ title == other.title &&
+ type == other.type &&
+ references == other.references &&
+ fixed_in == other.fixed_in &&
+ metasploit_modules == other.metasploit_modules
end
# :nocov:
@@ -40,7 +46,8 @@ class Vulnerability
xml_node.search('title').text,
xml_node.search('type').text,
xml_node.search('reference').map(&:text),
- xml_node.search('metasploit').map(&:text)
+ xml_node.search('metasploit').map(&:text),
+ xml_node.search('fixed_in').text
)
end
diff --git a/lib/common/models/wp_item/vulnerable.rb b/lib/common/models/wp_item/vulnerable.rb
index d814c9ba..c1405768 100755
--- a/lib/common/models/wp_item/vulnerable.rb
+++ b/lib/common/models/wp_item/vulnerable.rb
@@ -12,7 +12,18 @@ class WpItem
vulnerabilities = Vulnerabilities.new
xml.xpath(vulns_xpath).each do |node|
- vulnerabilities << Vulnerability.load_from_xml_node(node)
+ vuln = Vulnerability.load_from_xml_node(node)
+ if vuln
+ if version && vuln.fixed_in && !vuln.fixed_in.empty?
+ if VersionCompare::is_newer_or_same?(vuln.fixed_in, version)
+ # "Hooray, fixed"
+ else
+ vulnerabilities << vuln
+ end
+ else
+ vulnerabilities << vuln
+ end
+ end
end
vulnerabilities
end
diff --git a/lib/common/version_compare.rb b/lib/common/version_compare.rb
new file mode 100644
index 00000000..aa4e9e28
--- /dev/null
+++ b/lib/common/version_compare.rb
@@ -0,0 +1,7 @@
+# encoding: UTF-8
+
+class VersionCompare
+ def self.is_newer_or_same?(version1, version2)
+ (version1 == version2) || (Gem::Version.new(version1) < Gem::Version.new(version2))
+ end
+end
\ No newline at end of file