@@ -82,7 +82,7 @@ The DB is located at ~/.wpscan/db ## Vulnerability Database -The WPScan CLI tool uses the [WPVulnDB API](https://wpvulndb.com/api) to retrieve WordPress vulnerability data in real time. For WPScan to retrieve the vulnerability data an API token must be supplied via the `--api-token` option, or via a configuration file, as discussed below. An API token can be obtained by registering an account on [WPVulnDB](https://wpvulndb.com/users/sign_up). Up to 50 API requests per day are given free of charge to registered users. Once the 50 API requests are exhausted, WPScan will continue to work as normal but without any vulnerability data. Users can upgrade to paid API usage to increase their API limits within their user profile on [WPVulnDB](https://wpvulndb.com/). +The WPScan CLI tool uses the [WPScan API](https://wpscan.com/api) to retrieve WordPress vulnerability data in real time. For WPScan to retrieve the vulnerability data an API token must be supplied via the `--api-token` option, or via a configuration file, as discussed below. An API token can be obtained by registering an account on [WPScan](https://wpscam.com/register). Up to 50 API requests per day are given free of charge to registered users. Once the 50 API requests are exhausted, WPScan will continue to work as normal but without any vulnerability data. Users can upgrade to paid API usage to increase their API limits within their user profile on [WPScan](https://wpscan.com/). ## Load CLI options from file/s diff --git a/app/views/cli/vuln_api/status.erb b/app/views/cli/vuln_api/status.erb index b0bff0d7..3edebef8 100644 --- a/app/views/cli/vuln_api/status.erb +++ b/app/views/cli/vuln_api/status.erb @@ -9,5 +9,5 @@ <% end -%> <% else -%> <%= warning_icon %> No WPVulnDB API Token given, as a result vulnerability data has not been output. -<%= warning_icon %> You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up +<%= warning_icon %> You can get a free API token with 50 daily requests by registering at https://wpscan.com/register <% end -%> diff --git a/app/views/json/vuln_api/status.erb b/app/views/json/vuln_api/status.erb index 70f85d3d..f24ad2c6 100644 --- a/app/views/json/vuln_api/status.erb +++ b/app/views/json/vuln_api/status.erb @@ -8,6 +8,6 @@ "requests_remaining": <%= @status['requests_remaining'].to_json %> <% end -%> <% else -%> -"error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up" +"error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpscan.com/register" <% end -%> }, \ No newline at end of file diff --git a/lib/wpscan/db/vuln_api.rb b/lib/wpscan/db/vuln_api.rb index e86a1b48..07822f26 100644 --- a/lib/wpscan/db/vuln_api.rb +++ b/lib/wpscan/db/vuln_api.rb @@ -12,7 +12,7 @@ module WPScan # @return [ Addressable::URI ] def self.uri - @uri ||= Addressable::URI.parse('https://wpvulndb.com/api/v3/') + @uri ||= Addressable::URI.parse('https://wpscan.com/api/v3/') end # @param [ String ] path diff --git a/lib/wpscan/references.rb b/lib/wpscan/references.rb index a2573612..519200c7 100644 --- a/lib/wpscan/references.rb +++ b/lib/wpscan/references.rb @@ -27,7 +27,7 @@ module WPScan end def wpvulndb_url(id) - "https://wpvulndb.com/vulnerabilities/#{id}" + "https://wpscan.com/vulnerabilities/#{id}" end end end diff --git a/spec/output/main_theme/vulnerable.cli_no_colour b/spec/output/main_theme/vulnerable.cli_no_colour index 86efcba7..9461a9ac 100644 --- a/spec/output/main_theme/vulnerable.cli_no_colour +++ b/spec/output/main_theme/vulnerable.cli_no_colour @@ -17,7 +17,7 @@ | | [!] Title: Dignitas 1.1.9 - Privilage Escalation | References: - | - https://wpvulndb.com/vulnerabilities/7825 + | - https://wpscan.com/vulnerabilities/7825 | - http://research.evex.pw/?vuln=6 | - https://packetstormsecurity.com/files/130652/ | diff --git a/spec/output/vuln_api/no_token.cli_no_colour b/spec/output/vuln_api/no_token.cli_no_colour index 52467d34..db3c8d8f 100644 --- a/spec/output/vuln_api/no_token.cli_no_colour +++ b/spec/output/vuln_api/no_token.cli_no_colour @@ -1,2 +1,2 @@ [!] No WPVulnDB API Token given, as a result vulnerability data has not been output. -[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up +[!] You can get a free API token with 50 daily requests by registering at https://wpscan.com/register diff --git a/spec/output/vuln_api/no_token.json b/spec/output/vuln_api/no_token.json index 34c725da..50893ddd 100644 --- a/spec/output/vuln_api/no_token.json +++ b/spec/output/vuln_api/no_token.json @@ -1,5 +1,5 @@ { "vuln_api": { - "error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up" + "error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpscan.com/register" } } \ No newline at end of file diff --git a/spec/output/wp_version/with_vulns.cli_no_colour b/spec/output/wp_version/with_vulns.cli_no_colour index 399d20f9..17303580 100644 --- a/spec/output/wp_version/with_vulns.cli_no_colour +++ b/spec/output/wp_version/with_vulns.cli_no_colour @@ -5,12 +5,12 @@ | | [!] Title: WP 3.8.1 - Vuln 1 | CVSS: 5.4 (VECTOR) - | Reference: https://wpvulndb.com/vulnerabilities/1 + | Reference: https://wpscan.com/vulnerabilities/1 | | [!] Title: WP 3.8.1 - Vuln 2 | Fixed in: 3.8.2 | References: - | - https://wpvulndb.com/vulnerabilities/2 + | - https://wpscan.com/vulnerabilities/2 | - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0166 | - url-2 | - url-3 diff --git a/spec/shared_examples/references.rb b/spec/shared_examples/references.rb index 91670938..c9fcd70e 100644 --- a/spec/shared_examples/references.rb +++ b/spec/shared_examples/references.rb @@ -33,11 +33,11 @@ shared_examples WPScan::References do its(:cve_urls) { should eql %w[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-11] } its(:wpvulndb_ids) { should eql %w[12] } - its(:wpvulndb_urls) { should eql %w[https://wpvulndb.com/vulnerabilities/12] } + its(:wpvulndb_urls) { should eql %w[https://wpscan.com/vulnerabilities/12] } its(:references_urls) do should eql [ - 'https://wpvulndb.com/vulnerabilities/12', + 'https://wpscan.com/vulnerabilities/12', 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-11' ] end