Adds v2.5.1

.ruby-version

@@ -1 +1 @@
-2.1.2
+2.1.3

CHANGELOG.md

@@ -1,6 +1,11 @@
 # Changelog
 ## Master
-[Work in progress](https://github.com/wpscanteam/wpscan/compare/2.5...master)
+[Work in progress](https://github.com/wpscanteam/wpscan/compare/2.5.1...master)
+
+## Version 2.5.1
+Released: 2014-09-29
+
+Fixes reference URL to WPVDB
 
 ## Version 2.5
 Released: 2014-09-26 (@ BruCON 2014)
@@ -30,7 +35,7 @@ General core
 * Little output change and coloring
 * Adds a missing verbose output
 * Re-build redirection url if begin with slash '/'
-* Fixes the remove_conditional_comments function 
+* Fixes the remove_conditional_comments function
 * Ensures to give a string to Typhoeus
 * Fix wpstools check-vuln-ref-urls
 * Fix rspecs for new json

README

@@ -250,21 +250,13 @@ Debug output...
 ==WPSTOOLS ARGUMENTS==
 
 -v, --verbose                                                Verbose output
-    --check-vuln-ref-urls, --cvru                            Check all the vulnerabilities reference urls for 404
-    --check-local-vulnerable-files, --clvf LOCAL_DIRECTORY   Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells
-    --generate-plugin-list, --gpl [NUMBER_OF_ITEMS]          Generate a new data/plugins.txt file. (supply number of *items* to parse, default : 1500)
-    --generate-full-plugin-list, --gfpl                      Generate a new full data/plugins.txt file
-    --generate-theme-list, --gtl [NUMBER_OF_ITEMS]           Generate a new data/themes.txt file. (supply number of *items* to parse, default : 200)
-    --generate-full-theme-list, --gftl                       Generate a new full data/themes.txt file
-    --generate-all, --ga                                     Generate a new full plugins, full themes, popular plugins and popular themes list
--s, --stats                                                  Show WpScan Database statistics
-    --spellcheck, --sc                                       Check all files for common spelling mistakes.
+--check-vuln-ref-urls, --cvru                            Check all the vulnerabilities reference urls for 404
+--check-local-vulnerable-files, --clvf LOCAL_DIRECTORY   Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells
+s, --stats                                                  Show WpScan Database statistics.
+--spellcheck, --sc                                       Check all files for common spelling mistakes.
 
 ==WPSTOOLS EXAMPLES==
 
-- Generate a new 'most popular' plugin list, up to 1500 items ...
-ruby wpstools.rb --generate-plugin-list 1500
-
 Locally scan a wordpress installation for vulnerable files or shells:
 ruby wpstools.rb --check-local-vulnerable-files /var/www/wordpress/
 

README.md

@@ -252,21 +252,12 @@ Debug output...
     -v, --verbose                                                Verbose output
         --check-vuln-ref-urls, --cvru                            Check all the vulnerabilities reference urls for 404
         --check-local-vulnerable-files, --clvf LOCAL_DIRECTORY   Perform a recursive scan in the LOCAL_DIRECTORY to find vulnerable files or shells
-        --generate-plugin-list, --gpl [NUMBER_OF_ITEMS]          Generate a new data/plugins.txt file. (supply number of *items* to parse, default : 1500)
-        --generate-full-plugin-list, --gfpl                      Generate a new full data/plugins.txt file
-        --generate-theme-list, --gtl [NUMBER_OF_ITEMS]           Generate a new data/themes.txt file. (supply number of *items* to parse, default : 200)
-        --generate-full-theme-list, --gftl                       Generate a new full data/themes.txt file
-        --generate-all, --ga                                     Generate a new full plugins, full themes, popular plugins and popular themes list
     -s, --stats                                                  Show WpScan Database statistics.
         --spellcheck, --sc                                       Check all files for common spelling mistakes.
 
 
 #### WPSTOOLS EXAMPLES
 
-Generate a new 'most popular' plugin list, up to 1500 items...
-
-```ruby wpstools.rb --generate-plugin-list 1500```
-
 Locally scan a wordpress installation for vulnerable files or shells:
 
 ```ruby wpstools.rb --check-local-vulnerable-files /var/www/wordpress/```
@@ -277,6 +268,10 @@ Or check [pyfiscan](https://github.com/fgeek/pyfiscan) project.
 
 [http://www.wpscan.org](http://www.wpscan.org)
 
+#### VULNERABILITY DATABASE
+
+[https://www.wpvulndb.com](https://www.wpvulndb.com)
+
 #### GIT REPOSITORY
 
 [https://github.com/wpscanteam/wpscan](https://github.com/wpscanteam/wpscan)

lib/common/common_helper.rb

@@ -34,7 +34,7 @@ WP_VERSIONS_XSD     = File.join(DATA_DIR, 'wp_versions.xsd')
 LOCAL_FILES_XSD     = File.join(DATA_DIR, 'local_vulnerable_files.xsd')
 USER_AGENTS_FILE    = File.join(DATA_DIR, 'user-agents.txt')
 
-WPSCAN_VERSION       = '2.5'
+WPSCAN_VERSION       = '2.5.1'
 
 $LOAD_PATH.unshift(LIB_DIR)
 $LOAD_PATH.unshift(WPSCAN_LIB_DIR)

lib/common/models/vulnerability/urls.rb

@@ -30,7 +30,7 @@ class Vulnerability
     end
 
     def url_id(id)
-      "https://wpvulndb.com/vulnerability/#{id}"
+      "https://wpvulndb.com/vulnerabilities/#{id}"
     end
   end
 end

lib/wpstools/plugins/checker/checker_plugin.rb

@@ -35,7 +35,7 @@ class CheckerPlugin < Plugin
       json.each do |asset|
         asset[asset.keys.inject]['vulnerabilities'].each do |url|
           unless url['url'].nil?
-            url['url'].split(',').each do |url|
+            url['url'].each do |url|
               urls << url
             end
           end