class WPScan::Finders::DynamicFinder::WpVersion::WpItemQueryParameter

This one has been disabled from the DF.yml as it was causing FPs when a plugin had numerous files matching a known WP version.

Public Instance Methods

path_pattern() click to toggle source
# File lib/wpscan/finders/dynamic_finder/wp_version.rb, line 50
def path_pattern
  @path_pattern ||= %r{
    (?:#{Regexp.escape(target.plugins_dir)}|#{Regexp.escape(target.themes_dir)})/
    [^/]+/
    .*\.(?:css|js)\z
  }ix
end
xpath() click to toggle source
# File lib/wpscan/finders/dynamic_finder/wp_version.rb, line 43
def xpath
  @xpath ||=
    self.class::XPATH ||
    "//link[contains(@href,'#{target.plugins_dir}') or contains(@href,'#{target.themes_dir}')]/@href" \
    "|//script[contains(@src,'#{target.plugins_dir}') or contains(@src,'#{target.themes_dir}')]/@src"
end