module WpTarget::WpFullPathDisclosure

Public Instance Methods

full_path_disclosure_url() click to toggle source

@return [ String ]

# File lib/wpscan/wp_target/wp_full_path_disclosure.rb, line 14
def full_path_disclosure_url
  @uri.merge('wp-includes/rss-functions.php').to_s
end
has_full_path_disclosure?() click to toggle source

Check for Full Path Disclosure (FPD)

@return [ Boolean ]

# File lib/wpscan/wp_target/wp_full_path_disclosure.rb, line 8
def has_full_path_disclosure?
  response = Browser.get(full_path_disclosure_url())
  response.body[%r{Fatal error}] ? true : false
end