jeffpaul
commented
3 years ago @TheLastCicada @jasondewitt pinging you to see if this is something you still want to get into the plugin / have feedback before its ready to be merged?
Closed phlbnks closed 2 years ago
jeffpaul
commented
3 years ago @TheLastCicada @jasondewitt pinging you to see if this is something you still want to get into the plugin / have feedback before its ready to be merged?
jeffpaul
commented
2 years ago Confirmed with @kojraai that this PR looks good and provides a valid JSON file
wp vuln plugin-status --format=json | jq .
[
{
"name": "wpcli-vulnerability-scanner/wpcli-vulnerability-scanner",
"installed version": "0.0.3",
"status": "Error generating report for wpcli-vulnerability-scanner/wpcli-vulnerability-scanner",
"introduced in": "n/a",
"fix": "n/a"
},
{
"name": "akismet",
"installed version": "4.1.12",
"status": "No vulnerabilities reported for this version of akismet",
"introduced in": "n/a",
"fix": "n/a"
},
{
"name": "elasticpress",
"installed version": "3.5.2",
"status": "No vulnerabilities reported for this version of elasticpress",
"introduced in": "n/a",
"fix": "n/a"
},
{
"name": "hello",
"installed version": "1.7.2",
"status": "Error generating report for hello",
"introduced in": "n/a",
"fix": "n/a"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery by 10Web <= 1.5.24 - Authenticated LFI",
"introduced in": "n/a",
"fix": "Fixed in 1.5.25"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery by 10Web <= 1.5.22 - Authenticated XSS",
"introduced in": "n/a",
"fix": "Fixed in 1.5.23"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery by 10Web <= 1.5.30 - SQL Injection",
"introduced in": "n/a",
"fix": "Fixed in 1.5.31"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery by 10Web < 1.5.35 - SQL Injection & XSS",
"introduced in": "n/a",
"fix": "Fixed in 1.5.35"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery < 1.5.46 - Multiple Cross-Site Scripting (XSS) Issues",
"introduced in": "n/a",
"fix": "Fixed in 1.5.46"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery by 10Web < 1.5.55 - Unauthenticated SQL Injection",
"introduced in": "n/a",
"fix": "Fixed in 1.5.55"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery by 10Web < 1.5.68 - Reflected Cross-Site Scripting (XSS)",
"introduced in": "n/a",
"fix": "Fixed in 1.5.68"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery by 10web < 1.5.69 - Reflected Cross-Site Scripting (XSS)",
"introduced in": "n/a",
"fix": "Fixed in 1.5.69"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery < 1.5.69 - Multiple Reflected Cross-Site Scripting (XSS)",
"introduced in": "n/a",
"fix": "Fixed in 1.5.69"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery < 1.5.67 - Authenticated Stored Cross-Site Scripting via Gallery Title",
"introduced in": "n/a",
"fix": "Fixed in 1.5.67"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery < 1.5.79 - Stored XSS via Uploaded SVG in Zip",
"introduced in": "n/a",
"fix": "Fixed in 1.5.79"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery < 1.5.75 - Stored Cross-Site Scripting via Uploaded SVG",
"introduced in": "n/a",
"fix": "Fixed in 1.5.75"
},
{
"name": "photo-gallery",
"installed version": "1.5.20",
"status": "Photo Gallery < 1.5.75 - File Upload Path Traversal",
"introduced in": "n/a",
"fix": "Fixed in 1.5.75"
},
{
"name": "streamcast",
"installed version": "2.0.0",
"status": "StreamCast < 2.1.1 - Contributor+ Stored Cross-Site Scripting",
"introduced in": "n/a",
"fix": "Fixed in 2.1.1"
},
{
"name": "wpcli-vulnerability-scanner/wp-vulnerability-scanner",
"installed version": "0.0.2",
"status": "Error generating report for wpcli-vulnerability-scanner/wp-vulnerability-scanner",
"introduced in": "n/a",
"fix": "n/a"
}
]
This command outputs multiple JSON lists, yet it's reasonable to expect a single output in JSON; what's more you have to use --quiet to avoid text string being output too. This outputs a single valid JSON array that merges all 3 outputs.