Open rahul286 opened 9 years ago
Just a FYI code updated to also report theme and core vulnerabilities.
We can also consider https://github.com/wpscanteam/wpscan
Hey @MiteshShah just to put things into perspective,
running wpscan would be like running a blind gun against our side as its basically meant to blackbox pentesters (for that specific task its the best tool). The code i have written is made with assumption that you are sysadmin and you already have internal access to box and hence already know the plugins and theme details. (that's why wpcli is used to get plugin/theme and core info)
This saves a lot of time to do the scan and enumeration, and effectively i am leveraging the same vulnerability database which is used inside wpscan, so the results would be the same.
Update: we are tracking all feature requests under a new https://github.com/EasyEngine/feature-requests/ repo so moved this issue.
https://github.com/anantshri/wpvulndb_commandline
I think this is nice :-)
May be we can add this in "watchman" release.