Skip to content

Commit 3ab9c06

Browse files
manuel-sommermanuel-sommer
authored
🎉 Add fix_available information to wpscan #12633 (#13153)
1 parent 8fb9fd7 commit 3ab9c06

File tree

2 files changed

+5
-0
lines changed

2 files changed

+5
-0
lines changed

dojo/tools/wpscan/parser.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -62,8 +62,10 @@ def get_vulnerabilities(
6262
if report_date:
6363
finding.date = report_date
6464
# if there is a fixed version fill mitigation
65+
finding.fix_available = False
6566
if vul.get("fixed_in"):
6667
finding.mitigation = "fixed in : " + vul["fixed_in"]
68+
finding.fix_available = True
6769
# manage CVE
6870
if "cve" in vul["references"]:
6971
finding.unsaved_vulnerability_ids = []

unittests/tools/test_wpscan_parser.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -107,6 +107,7 @@ def test_parse_file_with_multiple_vuln_in_version(self):
107107
self.assertNotEqual("Info", finding.severity) # it is a vulnerability so not 'Info'
108108
self.assertEqual("WordPress 2.8.1-4.7.2 - Control Characters in Redirect URL Validation", finding.title)
109109
self.assertEqual("fixed in : 4.6.4", finding.mitigation)
110+
self.assertEqual(True, finding.fix_available)
110111
self.assertEqual("", finding.get_scanner_confidence_text()) # data are => 100%
111112

112113
def test_parse_file_issue5774(self):
@@ -123,6 +124,7 @@ def test_parse_file_issue5774(self):
123124
self.assertNotEqual("Info", finding.severity)
124125
self.assertEqual("All in One SEO Pack <= 2.9.1.1 - Authenticated Stored Cross-Site Scripting (XSS)", finding.title)
125126
self.assertEqual("fixed in : 2.10", finding.mitigation)
127+
self.assertEqual(True, finding.fix_available)
126128
self.assertEqual(7, finding.scanner_confidence)
127129
self.assertEqual("Tentative", finding.get_scanner_confidence_text()) # data are at 30%
128130
with self.subTest(i=19):
@@ -137,6 +139,7 @@ def test_parse_file_issue5774(self):
137139
self.assertNotEqual("Info", finding.severity)
138140
self.assertEqual("All in One SEO Pack <= 2.9.1.1 - Authenticated Stored Cross-Site Scripting (XSS)", finding.title)
139141
self.assertEqual("fixed in : 2.10", finding.mitigation)
142+
self.assertEqual(True, finding.fix_available)
140143
self.assertEqual("Tentative", finding.get_scanner_confidence_text()) # data are at 30%
141144

142145
with self.subTest(i=50):

0 commit comments

Comments
 (0)