Updates DB URLs

erwanlr · erwanlr · commit f61c55b350a4 · 2020-10-08T19:29:57.000+02:00
diff --git a/README.md b/README.md
@@ -10,7 +10,7 @@
   WordPress Security Scanner
   <br>
   <br>
-  <a href="https://wpscan.org/" title="homepage" target="_blank">Homepage</a> - <a href="https://wpscan.io/" title="wpscan.io" target="_blank">WPScan.io</a> - <a href="https://wpvulndb.com/" title="vulnerability database" target="_blank">Vulnerability Database</a> - <a href="https://wordpress.org/plugins/wpscan/" title="wordpress security plugin" target="_blank">WordPress Security Plugin</a>
+  <a href="https://wpscan.com/" title="homepage" target="_blank">WPScan WordPress Vulnerability Database</a> - <a href="https://wordpress.org/plugins/wpscan/" title="wordpress security plugin" target="_blank">WordPress Security Plugin</a>
 </p>
 
 <p align="center">
@@ -82,7 +82,7 @@ The DB is located at ~/.wpscan/db
 
 ## Vulnerability Database
 
-The WPScan CLI tool uses the [WPVulnDB API](https://wpvulndb.com/api) to retrieve WordPress vulnerability data in real time. For WPScan to retrieve the vulnerability data an API token must be supplied via the `--api-token` option, or via a configuration file, as discussed below. An API token can be obtained by registering an account on [WPVulnDB](https://wpvulndb.com/users/sign_up). Up to 50 API requests per day are given free of charge to registered users. Once the 50 API requests are exhausted, WPScan will continue to work as normal but without any vulnerability data. Users can upgrade to paid API usage to increase their API limits within their user profile on [WPVulnDB](https://wpvulndb.com/).
+The WPScan CLI tool uses the [WPScan API](https://wpscan.com/api) to retrieve WordPress vulnerability data in real time. For WPScan to retrieve the vulnerability data an API token must be supplied via the `--api-token` option, or via a configuration file, as discussed below. An API token can be obtained by registering an account on [WPScan](https://wpscam.com/register). Up to 50 API requests per day are given free of charge to registered users. Once the 50 API requests are exhausted, WPScan will continue to work as normal but without any vulnerability data. Users can upgrade to paid API usage to increase their API limits within their user profile on [WPScan](https://wpscan.com/).
 
 ## Load CLI options from file/s
 
diff --git a/app/views/cli/vuln_api/status.erb b/app/views/cli/vuln_api/status.erb
@@ -9,5 +9,5 @@
 <% end -%>
 <% else -%>
 <%= warning_icon %> No WPVulnDB API Token given, as a result vulnerability data has not been output.
-<%= warning_icon %> You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
+<%= warning_icon %> You can get a free API token with 50 daily requests by registering at https://wpscan.com/register
 <% end -%>
diff --git a/app/views/json/vuln_api/status.erb b/app/views/json/vuln_api/status.erb
@@ -8,6 +8,6 @@
 "requests_remaining": <%= @status['requests_remaining'].to_json %>
 <% end -%>
 <% else -%>
-"error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up"
+"error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpscan.com/register"
 <% end -%>
 },
diff --git a/lib/wpscan/db/vuln_api.rb b/lib/wpscan/db/vuln_api.rb
@@ -12,7 +12,7 @@ class << self
 
       # @return [ Addressable::URI ]
       def self.uri
-        @uri ||= Addressable::URI.parse('https://wpvulndb.com/api/v3/')
+        @uri ||= Addressable::URI.parse('https://wpscan.com/api/v3/')
       end
 
       # @param [ String ] path
diff --git a/lib/wpscan/references.rb b/lib/wpscan/references.rb
@@ -27,7 +27,7 @@ def wpvulndb_urls
     end
 
     def wpvulndb_url(id)
-      "https://wpvulndb.com/vulnerabilities/#{id}"
+      "https://wpscan.com/vulnerabilities/#{id}"
     end
   end
 end
diff --git a/spec/output/main_theme/vulnerable.cli_no_colour b/spec/output/main_theme/vulnerable.cli_no_colour
@@ -17,7 +17,7 @@
  |
  | [!] Title: Dignitas 1.1.9 - Privilage Escalation
  |     References:
- |      - https://wpvulndb.com/vulnerabilities/7825
+ |      - https://wpscan.com/vulnerabilities/7825
  |      - http://research.evex.pw/?vuln=6
  |      - https://packetstormsecurity.com/files/130652/
  |
diff --git a/spec/output/vuln_api/no_token.cli_no_colour b/spec/output/vuln_api/no_token.cli_no_colour
@@ -1,2 +1,2 @@
 [!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
-[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up
+[!] You can get a free API token with 50 daily requests by registering at https://wpscan.com/register
diff --git a/spec/output/vuln_api/no_token.json b/spec/output/vuln_api/no_token.json
@@ -1,5 +1,5 @@
 {
   "vuln_api": {
-    "error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up"
+    "error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpscan.com/register"
   }
 }
diff --git a/spec/output/wp_version/with_vulns.cli_no_colour b/spec/output/wp_version/with_vulns.cli_no_colour
@@ -5,12 +5,12 @@
  |
  | [!] Title: WP 3.8.1 - Vuln 1
  |     CVSS: 5.4 (VECTOR)
- |     Reference: https://wpvulndb.com/vulnerabilities/1
+ |     Reference: https://wpscan.com/vulnerabilities/1
  |
  | [!] Title: WP 3.8.1 - Vuln 2
  |     Fixed in: 3.8.2
  |     References:
- |      - https://wpvulndb.com/vulnerabilities/2
+ |      - https://wpscan.com/vulnerabilities/2
  |      - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0166
  |      - url-2
  |      - url-3
diff --git a/spec/shared_examples/references.rb b/spec/shared_examples/references.rb
@@ -33,11 +33,11 @@
       its(:cve_urls) { should eql %w[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-11] }
 
       its(:wpvulndb_ids)  { should eql %w[12] }
-      its(:wpvulndb_urls) { should eql %w[https://wpvulndb.com/vulnerabilities/12] }
+      its(:wpvulndb_urls) { should eql %w[https://wpscan.com/vulnerabilities/12] }
 
       its(:references_urls) do
         should eql [
-          'https://wpvulndb.com/vulnerabilities/12',
+          'https://wpscan.com/vulnerabilities/12',
           'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-11'
         ]
       end

Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@`
`17`	`17`	`\|`
`18`	`18`	`\| [!] Title: Dignitas 1.1.9 - Privilage Escalation`
`19`	`19`	`\| References:`
`20`		`- \| - https://wpvulndb.com/vulnerabilities/7825`
	`20`	`+ \| - https://wpscan.com/vulnerabilities/7825`
`21`	`21`	`\| - http://research.evex.pw/?vuln=6`
`22`	`22`	`\| - https://packetstormsecurity.com/files/130652/`
`23`	`23`	`\|`
Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,2 @@`
`1`	`1`	`[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.`
`2`		`-[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up`
	`2`	`+[!] You can get a free API token with 50 daily requests by registering at https://wpscan.com/register`
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`{`
`2`	`2`	`"vuln_api": {`
`3`		`- "error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up"`
	`3`	`+ "error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpscan.com/register"`
`4`	`4`	`}`
`5`	`5`	`}`