Closed iamdharmesh closed 1 year ago
Note: Functional tests for WPScan failing due to exceeding the Daily API limit.
@iamdharmesh heads up on https://www.wordfence.com/intelligence-documentation/v2-accessing-and-consuming-the-vulnerability-data-feed/#changes, might require a tweak here before merge/release?
@iamdharmesh heads up on wordfence.com/intelligence-documentation/v2-accessing-and-consuming-the-vulnerability-data-feed/#changes, might require a tweak here before merge/release?
@jeffpaul We are not using the copyright field, So, our implementation will not affect by this.
Note that I'm coordinating with the folks at Wordfence for a code review here as well, so let's hold before merging to give them a chance to provide input as well.
Update:
@jeffpaul I have made changes related to JSON parser here and I will work on other changes like adding the references column, renaming the fix
column to Fixed in
, adding show API provider information etc... next week.
@iamdharmesh probably good to merge here and continue with the remainder of the 1.2.0 issues
Description of the Change
PR adds support for Wordfence API to check reported vulnerabilities for WordPress core, installed plugins and themes.
Users can choose Wordfence API for vulnerabilities scan by adding the
VULN_API_PROVIDER
constant in wp-config.phpApart from Wordfence Intelligence CE support, PR makes the below changes.
stable
branch with built code on push to thetrunk
branch.Closes #76
How to test the Change
VULN_API_PROVIDER
constant in wp-config.php as below.vuln
commands in readme to scan for vulnerabilities.Changelog Entry
Credits
Props @iamdharmesh @jeffpaul Charles Sweethill, Matt Barry (Wordfence Team)
Checklist: