Check the wp-login.php for potential redirection before using it

lib/wpscan/target/platform/wordpress.rb

@@ -72,9 +72,21 @@ module WPScan
           )
         end
 
+        # The login page is checked for a potential redirection (from http to https)
+        # the first time the method is called, and the effective_url is then used
+        # if suitable, otherwise the default wp-login will be.
+        #
         # @return [ String ] The URL to the login page
         def login_url
-          url('wp-login.php')
+          return @login_url if @login_url
+
+          @login_url = url('wp-login.php')
+
+          res = Browser.get_and_follow_location(@login_url)
+
+          @login_url = res.effective_url if in_scope?(res.effective_url)
+
+          @login_url
         end
       end
     end

spec/shared_examples/target/platform/wordpress.rb

@@ -81,4 +81,33 @@ shared_examples WPScan::Target::Platform::WordPress do
       its(:wordpress_hosted?) { should be false }
     end
   end
+
+  describe '#login_url' do
+    before { allow(target).to receive(:sub_dir) }
+
+    context 'when returning a 200' do
+      before { stub_request(:get, target.url('wp-login.php')).to_return(status: 200) }
+
+      its(:login_url) { should eql target.url('wp-login.php') }
+    end
+
+    context 'when a redirection occured' do
+      before do
+        expect(WPScan::Browser).to receive(:get_and_follow_location)
+          .and_return(Typhoeus::Response.new(effective_url: effective_url, body: ''))
+      end
+
+      context 'to an in scope URL' do
+        let(:effective_url) { target.url('wp-login.php').gsub('http', 'https') }
+
+        its(:login_url) { should eql effective_url }
+      end
+
+      context 'to an out of scope URL' do
+        let(:effective_url) { 'http://something.else' }
+
+        its(:login_url) { should eql target.url('wp-login.php') }
+      end
+    end
+  end
 end