Class: WPScan::Model::WpVersion

Inherits:
CMSScanner::Model::Version
  • Object
show all
Includes:
Vulnerable
Defined in:
app/models/wp_version.rb

Overview

WP Version

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Vulnerable

#vulnerable?

Constructor Details

#initialize(number, opts = {}) ⇒ WpVersion

Returns a new instance of WpVersion.



9
10
11
12
13
# File 'app/models/wp_version.rb', line 9

def initialize(number, opts = {})
  raise Error::InvalidWordPressVersion unless WpVersion.valid?(number.to_s)

  super(number, opts)
end

Class Method Details

.allArray<String>

Returns All the version numbers.

Returns:

  • (Array<String>)

    All the version numbers



23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# File 'app/models/wp_version.rb', line 23

def self.all
  return @all_numbers if @all_numbers

  @all_numbers = []

  DB::Version..each_key do |ver|
    @all_numbers << ver
  end

  DB::Fingerprints.wp_fingerprints.each_value do |fp|
    @all_numbers << fp.values
  end

  # @all_numbers.flatten.uniq.sort! {} doesn't produce the same result here.
  @all_numbers.flatten!
  @all_numbers.uniq!
  @all_numbers.sort! { |a, b| Gem::Version.new(b) <=> Gem::Version.new(a) }
end

.valid?(number) ⇒ Boolean

Returns true if the number is a valid WP version, false otherwise.

Parameters:

  • number (String)

Returns:

  • (Boolean)

    true if the number is a valid WP version, false otherwise



18
19
20
# File 'app/models/wp_version.rb', line 18

def self.valid?(number)
  all.include?(number)
end

Instance Method Details

#db_dataHash

Returns:

  • (Hash)


50
51
52
# File 'app/models/wp_version.rb', line 50

def db_data
  @db_data ||= DB::VulnApi.wordpress_data(number)
end

#metadataHash

Retrieve the metadata from the vuln API if available (and a valid token is given), or the local metadata db otherwise

Returns:

  • (Hash)


45
46
47
# File 'app/models/wp_version.rb', line 45

def 
  @metadata ||= db_data.empty? ? DB::Version.(number) : db_data
end

#release_dateString

Returns:

  • (String)


68
69
70
# File 'app/models/wp_version.rb', line 68

def release_date
  @release_date ||= ['release_date'] || 'Unknown'
end

#statusString

Returns:

  • (String)


73
74
75
# File 'app/models/wp_version.rb', line 73

def status
  @status ||= ['status'] || 'Unknown'
end

#vulnerabilitiesArray<Vulnerability>

Returns:



55
56
57
58
59
60
61
62
63
64
65
# File 'app/models/wp_version.rb', line 55

def vulnerabilities
  return @vulnerabilities if @vulnerabilities

  @vulnerabilities = []

  Array(db_data['vulnerabilities']).each do |json_vuln|
    @vulnerabilities << Vulnerability.load_from_json(json_vuln)
  end

  @vulnerabilities
end