Download the PHP package zae/wp-vulnerabilities without Composer
On this page you can find all versions of the php package zae/wp-vulnerabilities. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download zae/wp-vulnerabilities
More information about zae/wp-vulnerabilities
Files in zae/wp-vulnerabilities
Package wp-vulnerabilities
Short Description Scan your wordpress installation for known vulnerabilities
License MIT
Informations about the package wp-vulnerabilities
Wordpress vulnerabilities scanner
Scan your wordpress installation and find out if there are any vulnerable plugins installed.
Scanners
scan:wordpress Scan your wordpress version scan:plugins Scan your installed plugins scan:wordpress Scan your installed themes
Return code
The command will return 1 if there are vulnerable plugins, themes or wordpresses found and show a table with explanations, the command will return 0 if no vulnerable plugins were found.
Providers
Most of the functionality is provided by providers using a Pipeline.
Pre
All the filters that create a list of the installed plugins should mutate the $plugins array before calling $next
Post
All the filters that check for vulnerabilities should mutate the $plugins array after calling $next
Pipeline
This project uses the Laravel 5 Pipeline project.
Config
You can configure the plugin using the wp_scan.yml file.
TODO
Add more providers to add capabilities like reading composer files. Add a scanner that checks wordpress itself Add a scanner that checks themes Cleanup Tests
All versions of wp-vulnerabilities with dependencies
guzzlehttp/guzzle Version ^5.3|^6.0
illuminate/container Version ^5.2
illuminate/console Version ^5.2
symfony/yaml Version ^2.0|^3.0
illuminate/filesystem Version ^5.2
illuminate/pipeline Version ^5.2
composer/semver Version ^0.1|^1.0
illuminate/events Version ^5.2
zae/wp-fileheader Version ^1.0