bugfixing

lib/wpscan/wp_detector.rb

@@ -61,7 +61,7 @@ class WpDetector
 
     names.each do |item|
       items << {
-          :url            =>  url,
+          :url            => url,
           :name           => item,
           :path           => "#{type}/#{item}/",
           :wp_content_dir => wp_content_dir

lib/wpscan/wp_enumerator.rb

@@ -50,11 +50,12 @@ class WpEnumerator
     enumerate_size = targets.size
 
     targets.each do |target|
-      if options[:type] =~ /timthumbs/i
+      # Timthumb files have no /timthumbs/ directory
-        url = "#{target[:url]}#{target[:wp_content_dir]}/#{target[:path]}"
+      unless options[:type] =~ /timthumbs/i
-      else
+        target[:path] = "#{options[:type]}/#{target[:path]}"
-        url = "#{target[:url]}#{target[:wp_content_dir]}/#{options[:type]}/#{target[:path]}"
       end
+      url = "#{target[:url]}#{target[:wp_content_dir]}/#{target[:path]}"
+
       request = enum_browser.forge_request(url, :cache_timeout => 0, :follow_location => true)
       request_count += 1
 
@@ -120,7 +121,7 @@ class WpEnumerator
         if targets_url.grep(%r{/#{item_name}/}).empty?
           targets_url << {
               :url            => url,
-              :path           => "#{type}/#{item_name}",
+              :path           => item_name,
               :wp_content_dir => wp_content_dir,
               :name           => item_name
           }

wpscan.rb

@@ -90,8 +90,8 @@ begin
 
   wp_theme = wp_target.theme
   if wp_theme
-    theme_version = wp_theme.version
+    # Theme version is handled in wp_item.to_s
-    puts "[!] The WordPress theme in use is #{wp_theme}#{' v' + theme_version if theme_version}"
+    puts "[!] The WordPress theme in use is #{wp_theme}"
 
     theme_vulnerabilities = wp_theme.vulnerabilities
     unless theme_vulnerabilities.empty?