From d8a9b3aa77eaa058a1b435367dda831724312515 Mon Sep 17 00:00:00 2001
From: ethicalhack3r <ryandewhurst@gmail.com>
Date: Thu, 14 Sep 2017 19:12:37 +0200
Subject: [PATCH] Only show readme.html output when wp <= 4.8 #1127

---
 wpscan.rb | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/wpscan.rb b/wpscan.rb
index 9812e15f..cf033f61 100755
--- a/wpscan.rb
+++ b/wpscan.rb
@@ -206,10 +206,6 @@ def main
       end
     end
 
-    if wp_target.has_readme?
-      puts warning("The WordPress '#{wp_target.readme_url}' file exists exposing a version number")
-    end
-
     if wp_target.has_full_path_disclosure?
       puts warning("Full Path Disclosure (FPD) in '#{wp_target.full_path_disclosure_url}': #{wp_target.full_path_disclosure_data}")
     end
@@ -271,7 +267,13 @@ def main
       exclude_content: wpscan_options.exclude_content_based
     }
 
-    if wp_version = wp_target.version(WP_VERSIONS_FILE)
+    wp_version = wp_target.version(WP_VERSIONS_FILE)
+
+    if wp_target.has_readme? && VersionCompare::lesser_or_equal?(wp_version.identifier, '4.8')
+      puts warning("The WordPress '#{wp_target.readme_url}' file exists exposing a version number")
+    end
+
+    if wp_version
       wp_version.output(wpscan_options.verbose)
     else
       puts