generoi / wp-cli-wordfence
Wordfence plugin scanner for WP-CLI
0.0.2
2023-09-07 20:47 UTC
Requires
- php: >=8.0.0
Requires (Dev)
- php-stubs/wp-cli-stubs: ^2.8
- phpstan/phpstan: ^1.10
- phpunit/phpunit: ^10.3
- squizlabs/php_codesniffer: ^3.7
- szepeviktor/phpstan-wordpress: ^1.3
- wp-phpunit/wp-phpunit: ^6.3
- yoast/phpunit-polyfills: ^2.0
This package is auto-updated.
Last update: 2024-09-19 19:39:49 UTC
README
This is a WP-CLI command packaged as a plugin. It uses the public Wordfence vulnerability data feed to scan all installed plugins against known security advisories. Note that advisories without a patch cause the command to exit(0), so they do not produce an error exit status (1).
Requirements
- WP-CLI
Usage
NAME
wp wordfence scan
DESCRIPTION
Scan plugins for vulnerabilities
SYNOPSIS
wp wordfence scan [<Plugin>...] [--email=<email>] [--format=<format>] [--only-errors] [--force] [--verbose]
[<Plugin>...]
One or more plugin slugs to check
[--email=<email>]
Send vulnerability report to email
[--format=<format>]
Format to use: 'table', 'json', 'csv', 'yaml', 'ids', 'count' (default: 'table')
[--only-errors]
Only output errors
[--force]
Force run even if unchanged
[--verbose]
Use verbose output
Example output
+----------------------------------------------------------------------------------+---------------------+-----------+-------------------------------------------------------------------------------------+
| vulnerability | exception | has patch | references |
+----------------------------------------------------------------------------------+---------------------+-----------+-------------------------------------------------------------------------------------+
| WordPress Core - All Versions - Authenticated(Administrator+) PHP File Upload | * < 6.2.2 < * | | https://www.wordfence.com/threat-intel/vulnerabilities/id/0a6707ef-aab7-449c-8160-0 |
| | | | 34bc188a998?source=api-scan |
| WordPress Core <= 6.2 - Unauthenticated Blind Server Side Request Forgery | * < 6.2.2 < * | | https://www.wordfence.com/threat-intel/vulnerabilities/id/112ed4f2-fe91-4d83-a3f7-e |
| | | | af889870af4?source=api-scan |
| Advanced Custom Fields PRO 6.1 - 6.1.7 - Authenticated (Administrator+) Stored C | 6.1 < 6.1.7 < 6.1.7 | yes | https://www.wordfence.com/threat-intel/vulnerabilities/id/77876d74-5825-4bd8-812e-8 |
| ross-Site Scripting | | | 7061d0470e6?source=api-scan |
| WordPress Core - All Known Versions - Cleartext Storage of wp_signups.activation | * < 6.2.2 < * | | https://www.wordfence.com/threat-intel/vulnerabilities/id/9fda5e15-fdf9-4b67-93d3-2 |
| _key | | | dbfa94aefe9?source=api-scan |
| WordPress Core - Informational - All known Versions - Weak Hashing Algorithm | * < 6.2.2 < * | | https://www.wordfence.com/threat-intel/vulnerabilities/id/e5dc87cd-4f45-4faf-b1e2-6 |
| | | | 4e94eacb180?source=api-scan |
+----------------------------------------------------------------------------------+---------------------+-----------+-------------------------------------------------------------------------------------+
Copyright 2012-2023 Defiant Inc.
Defiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.
https://www.wordfence.com/wordfence-intelligence-terms-and-conditions/
Example GitHub Action
This assumes you are using Bedrock and that this package is listed in your composer.json. PRs are welcome to make this package self-contained, so that the latest version can be installed with wp.
name: Vulnerability Scan
on:
  schedule:
    - cron: '5 4 * * *'
  workflow_dispatch:
jobs:
  vulnerability-scan:
    name: Run vulnerability scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repository (latest)
        uses: actions/checkout@v3
      - name: Read composer.json to env
        run: |
          echo 'COMPOSER_JSON<<EOF' >> $GITHUB_ENV
          cat ./composer.json >> $GITHUB_ENV
          echo 'EOF' >> $GITHUB_ENV
      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ fromJson(env.COMPOSER_JSON).config.platform.php }}
      - name: Start MySQL service
        run: |
          sudo /etc/init.d/mysql start
          mysql -e 'CREATE DATABASE db;' -uroot -proot
          mysql -e "CREATE USER 'db'@'localhost' IDENTIFIED BY 'db';" -uroot -proot
          mysql -e "GRANT ALL PRIVILEGES ON db.* TO 'db'@'localhost' WITH GRANT OPTION;" -uroot -proot
      - name: Install packages
        run: composer install
      - name: Launch web server
        run: ./vendor/bin/wp server &
      - name: Setup .env
        run: |
          cp .env.example .env
          sed -i 's/WP_HOME=.*/WP_HOME=http:\/\/localhost:8080/g' .env
          sed -i 's/DB_HOST=.*/DB_HOST=localhost/g' .env
      - name: Install WordPress
        run: ./vendor/bin/wp core install --url=https://:8080 --title="Bedrock" --admin_user="admin" --admin_password="admin" --admin_email="bedrock@example.test"
      - name: Run scan
        run: |
          ./vendor/bin/wp plugin activate wp-cli-wordfence
          ./vendor/bin/wp wordfence scan --email=foo@example.org
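Because the scanner exits 0 when an advisory has no patch, the "Run scan" step above only fails the job for patched findings. The wrapper below is an added example (not part of this project) that gates the job on the finding count instead, and fails closed on unparsable output; it assumes `--format=count` prints a bare integer, which is how WP-CLI's count formatter behaves.

```shell
#!/bin/sh
# Added example: CI gate around `wp wordfence scan` that fails on ANY finding,
# because the plugin itself exits 0 for advisories without a patch.
# Assumption: `wp wordfence scan --format=count` prints a bare integer.

# Normalise raw scanner output to an integer; prints nothing if it is not one.
parse_count() {
    raw=$(printf '%s' "$1" | tr -d '[:space:]')
    case "$raw" in
        ''|*[!0-9]*) printf '' ;;
        *) printf '%s' "$raw" ;;
    esac
}

# Returns 0 when the pipeline may proceed, 1 when it must fail.
# Fails closed: output that is not a number is a failure, not a pass.
gate() {
    count=$(parse_count "$1")
    if [ -z "$count" ]; then
        echo "wordfence scan: unexpected output '$1'" >&2
        return 1
    fi
    if [ "$count" -gt 0 ]; then
        echo "wordfence scan: $count known vulnerabilities (patched or not)" >&2
        return 1
    fi
    return 0
}

# Real invocation only when RUN_SCAN=1, so the file can be sourced without wp.
# A scanner crash (non-zero exit, no output) is also treated as a failure.
if [ "${RUN_SCAN:-0}" = "1" ]; then
    out=$(./vendor/bin/wp wordfence scan --format=count) || { echo "scan failed" >&2; exit 1; }
    gate "$out" || exit 1
fi
```

In the workflow, replace the last line of the "Run scan" step with `RUN_SCAN=1 sh ci-gate.sh` (hypothetical file name) to make unpatched findings fail the job as well.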
Development
Install dependencies
composer install
Run tests
npm -g i @wordpress/env
wp-env start
wp-env run tests-cli --env-cwd=wp-content/plugins/wp-cli-wordfence ./vendor/bin/phpunit