Adds detection of wp-content from raw JS

lib/wpscan/target/platform/wordpress/custom_directories.rb

@@ -15,11 +15,15 @@ module WPScan
         def content_dir
           unless @content_dir
             escaped_url = Regexp.escape(url).gsub(/https?/i, 'https?')
-            pattern     = %r{#{escaped_url}(.+?)\/(?:themes|plugins|uploads|cache)\/}i
+            pattern     = %r{#{escaped_url}([^\/]+)\/(?:themes|plugins|uploads|cache)\/}i
 
             in_scope_urls(homepage_res) do |url|
               return @content_dir = Regexp.last_match[1] if url.match(pattern)
             end
+
+            xpath_pattern_from_page('//script[not(@src)]', pattern, homepage_res) do |match|
+              return @content_dir = match[1]
+            end
           end
 
           @content_dir

spec/fixtures/target/platform/wordpress/custom_directories/in_raw_js.html

@@ -0,0 +1,2 @@
+<script type='application/ld+json'>
+{"@context":"https://schema.org","@type":"Organization","url":"https://ex.lo/","@id":"https://ex.lo/#organization","name":"WP Lab","logo":"http://ex.lo/wp-content/uploads/2019/02/lo.png"}</script>

spec/shared_examples/target/platform/wordpress/custom_directories.rb

@@ -4,7 +4,8 @@ shared_examples 'WordPress::CustomDirectories' do
   describe '#content_dir' do
     {
       default: 'wp-content', https: 'wp-content', custom_w_spaces: 'custom content spaces',
-      relative_one: 'wp-content', relative_two: 'wp-content', cache: 'wp-content'
+      relative_one: 'wp-content', relative_two: 'wp-content', cache: 'wp-content',
+      in_raw_js: 'wp-content', with_sub_dir: 'app'
     }.each do |file, expected|
       it "returns #{expected} for #{file}.html" do
         stub_request(:get, target.url).to_return(body: File.read(fixtures.join("#{file}.html")))