Skip to content
This repository was archived by the owner on Feb 13, 2026. It is now read-only.

Commit 7c9d43a

Browse files
authored
Merge pull request #107 from 10up/release/1.2.2
Release/1.2.2
2 parents 6dc8e8c + b9b481c commit 7c9d43a

4 files changed

Lines changed: 15 additions & 4 deletions

File tree

CHANGELOG.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,13 @@ All notable changes to this project will be documented in this file, per [the Ke
44

55
## [Unreleased] - TBD
66

7+
## [1.2.2] - 2024-11-20
8+
### Changed
9+
- Bump `actions/upload-artifact` from v3 to v4 (props [@iamdharmesh](https://github.com/iamdharmesh), [@jeffpaul](https://github.com/jeffpaul) via [#104](https://github.com/10up/wpcli-vulnerability-scanner/pull/104)).
10+
11+
### Fixed
12+
- Ensure the final release contains the `composer.json` file so the plugin can be installed properly via WP-CLI (props [@burhandodhy](https://github.com/burhandodhy), [@iamdharmesh](https://github.com/iamdharmesh), [@felipeelia](https://github.com/felipeelia) via [#105](https://github.com/10up/wpcli-vulnerability-scanner/pull/105)).
13+
714
## [1.2.1] - 2024-04-01
815
### Added
916
- Introduce new filter, `vuln_skip_vulnerability_check`, that can be used to skip the vulnerability check for a specific vulnerability (props [@burhandodhy](https://github.com/burhandodhy), [@shahzaib10up](https://github.com/shahzaib10up), [@iamdharmesh](https://github.com/iamdharmesh) via [#101](https://github.com/10up/wpcli-vulnerability-scanner/pull/101)).
@@ -55,6 +62,7 @@ All notable changes to this project will be documented in this file, per [the Ke
5562
## [0.0.1] - 2016-06-02
5663

5764
[Unreleased]: https://github.com/10up/wpcli-vulnerability-scanner/compare/trunk...develop
65+
[1.2.2]: https://github.com/10up/wpcli-vulnerability-scanner/compare/1.2.1...1.2.2
5866
[1.2.1]: https://github.com/10up/wpcli-vulnerability-scanner/compare/1.2.0...1.2.1
5967
[1.2.0]: https://github.com/10up/wpcli-vulnerability-scanner/compare/1.1.0...1.2.0
6068
[1.1.0]: https://github.com/10up/wpcli-vulnerability-scanner/compare/1.0.0...1.1.0

CREDITS.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ The following individuals are responsible for curating the list of issues, respo
1212

1313
Thank you to all the people who have already contributed to this repository via bug reports, code, design, ideas, project management, translation, testing, etc.
1414

15-
[Kailey Lampert (@trepmal)](https://github.com/trepmal), [Ritesh Patel (@Ritesh-patel)](https://github.com/Ritesh-patel), [Robert Lilly (@rclilly)](https://github.com/rclilly), [Steve Hulet (@hulet)](https://github.com/hulet), [Allan Collins (@allan23)](https://github.com/allan23), [Phil Banks (@phlbnks)](https://github.com/phlbnks), [Eugene Manuilov (@eugene-manuilov)](https://github.com/eugene-manuilov), [Vladimir Knobel (@vladox)](https://github.com/vladox), [Oscar Sanchez S. (@oscarssanchez)](https://github.com/oscarssanchez), [Thorsten Ott (@tott)](https://github.com/tott), [Tyler Cherpak (@tylercherpak)](https://github.com/tylercherpak), [Jeffrey Paul (@jeffpaul)](https://github.com/jeffpaul), [Pablo Amato (@pabamato)](https://github.com/pabamato), [Zachary Brown (@TheLastCicada)](https://github.com/TheLastCicada), [Rahul Prajapati (@rahulsprajapati)](https://github.com/rahulsprajapati), [Max Lyuchin (@cadic)](https://github.com/cadic), [Jozsef Kozo (@kojraai)](https://github.com/kojraai), [Chris Wiegman (@ChrisWiegman)](https://github.com/ChrisWiegman), [ssnepenthe (@ssnepenthe)](https://github.com/ssnepenthe), [Evan Tobin (@evantobin)](https://github.com/evantobin), [Victor Dieppa Garriga (@dieppon)](https://github.com/dieppon), [marek (@marekmaurizio)](https://github.com/marekmaurizio), [planetahuevo (@planetahuevo)](https://github.com/planetahuevo), [bo.johnson (@boyeatssteak)](https://github.com/boyeatssteak), [Erik Hausen (@ehausen)](https://github.com/ehausen), [Eduardo Aranda Hernández (@eduardoarandah)](https://github.com/eduardoarandah), [Angelo Rocha (@angelorock)](https://github.com/angelorock), [Frankie Bordone (@frankiebordone)](https://github.com/frankiebordone), [t2d (@t2d)](https://github.com/t2d), [Prasath Nadarajah (@nprasath002)](https://github.com/nprasath002), [Alexander Dimitrov (@randstring)](https://github.com/randstring), [Andrew Minion (@andrewminion-luminfire)](https://github.com/andrewminion-luminfire), [Russell F (@rfair404)](https://github.com/rfair404), [Sean Dietrich (@sean-e-dietrich)](https://github.com/sean-e-dietrich), [André Durão (@andredurao)](https://github.com/andredurao), [Ben Greeley (@bengreeley)](https://github.com/bengreeley), [Amit Singh (@thecancerus)](https://github.com/thecancerus), [Igor Radovanov (@igorradovanov)](https://github.com/igorradovanov), [Dharmesh Patel (@iamdharmesh)](https://github.com/iamdharmesh), [Mohammed Razzaq (@MARQAS)](https://github.com/MARQAS), [Darin Kotter (@dkotter)](https://github.com/dkotter), [Peter Wilson (@peterwilsoncc)](https://github.com/peterwilsoncc), [Charles Sweethill (@wordfence)](https://github.com/wordfence), [Matt Barry (@barmat)](https://github.com/barmat), [Viktor Szépe (@szepeviktor)](https://github.com/szepeviktor), [Siddharth Thevaril (@Sidsector9)](https://github.com/Sidsector9), [Ben Marshall (@bmarshall511)](https://github.com/bmarshall511), [Ravinder Kumar (@ravinderk)](https://github.com/ravinderk), [Faisal Alvi (@faisal-alvi)](https://github.com/faisal-alvi), [Burhan Nasir (@burhandodhy)](https://github.com/burhandodhy), [Shahzaib Mushtaq (@shahzaib10up)](https://github.com/shahzaib10up), [Brooke Campbell](https://www.linkedin.com/in/brookecampbelldesign/).
15+
[Kailey Lampert (@trepmal)](https://github.com/trepmal), [Ritesh Patel (@Ritesh-patel)](https://github.com/Ritesh-patel), [Robert Lilly (@rclilly)](https://github.com/rclilly), [Steve Hulet (@hulet)](https://github.com/hulet), [Allan Collins (@allan23)](https://github.com/allan23), [Phil Banks (@phlbnks)](https://github.com/phlbnks), [Eugene Manuilov (@eugene-manuilov)](https://github.com/eugene-manuilov), [Vladimir Knobel (@vladox)](https://github.com/vladox), [Oscar Sanchez S. (@oscarssanchez)](https://github.com/oscarssanchez), [Thorsten Ott (@tott)](https://github.com/tott), [Tyler Cherpak (@tylercherpak)](https://github.com/tylercherpak), [Jeffrey Paul (@jeffpaul)](https://github.com/jeffpaul), [Pablo Amato (@pabamato)](https://github.com/pabamato), [Zachary Brown (@TheLastCicada)](https://github.com/TheLastCicada), [Rahul Prajapati (@rahulsprajapati)](https://github.com/rahulsprajapati), [Max Lyuchin (@cadic)](https://github.com/cadic), [Jozsef Kozo (@kojraai)](https://github.com/kojraai), [Chris Wiegman (@ChrisWiegman)](https://github.com/ChrisWiegman), [ssnepenthe (@ssnepenthe)](https://github.com/ssnepenthe), [Evan Tobin (@evantobin)](https://github.com/evantobin), [Victor Dieppa Garriga (@dieppon)](https://github.com/dieppon), [marek (@marekmaurizio)](https://github.com/marekmaurizio), [planetahuevo (@planetahuevo)](https://github.com/planetahuevo), [bo.johnson (@boyeatssteak)](https://github.com/boyeatssteak), [Erik Hausen (@ehausen)](https://github.com/ehausen), [Eduardo Aranda Hernández (@eduardoarandah)](https://github.com/eduardoarandah), [Angelo Rocha (@angelorock)](https://github.com/angelorock), [Frankie Bordone (@frankiebordone)](https://github.com/frankiebordone), [t2d (@t2d)](https://github.com/t2d), [Prasath Nadarajah (@nprasath002)](https://github.com/nprasath002), [Alexander Dimitrov (@randstring)](https://github.com/randstring), [Andrew Minion (@andrewminion-luminfire)](https://github.com/andrewminion-luminfire), [Russell F (@rfair404)](https://github.com/rfair404), [Sean Dietrich (@sean-e-dietrich)](https://github.com/sean-e-dietrich), [André Durão (@andredurao)](https://github.com/andredurao), [Ben Greeley (@bengreeley)](https://github.com/bengreeley), [Amit Singh (@thecancerus)](https://github.com/thecancerus), [Igor Radovanov (@igorradovanov)](https://github.com/igorradovanov), [Dharmesh Patel (@iamdharmesh)](https://github.com/iamdharmesh), [Mohammed Razzaq (@MARQAS)](https://github.com/MARQAS), [Darin Kotter (@dkotter)](https://github.com/dkotter), [Peter Wilson (@peterwilsoncc)](https://github.com/peterwilsoncc), [Charles Sweethill (@wordfence)](https://github.com/wordfence), [Matt Barry (@barmat)](https://github.com/barmat), [Viktor Szépe (@szepeviktor)](https://github.com/szepeviktor), [Siddharth Thevaril (@Sidsector9)](https://github.com/Sidsector9), [Ben Marshall (@bmarshall511)](https://github.com/bmarshall511), [Ravinder Kumar (@ravinderk)](https://github.com/ravinderk), [Faisal Alvi (@faisal-alvi)](https://github.com/faisal-alvi), [Burhan Nasir (@burhandodhy)](https://github.com/burhandodhy), [Shahzaib Mushtaq (@shahzaib10up)](https://github.com/shahzaib10up), [Brooke Campbell](https://www.linkedin.com/in/brookecampbelldesign/), [Felipe Elia (@felipeelia)](https://github.com/felipeelia).
1616

1717
## Libraries
1818

features/vuln-wordfence.feature

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,8 +19,11 @@ Feature: Test WP-CLI Features with Wordfence API.
1919
When I run `wp vuln plugin-check wppizza wordpress-seo`
2020
Then STDOUT should end with a table containing rows:
2121
| name | installed version | status | fixed in | severity |
22-
| wppizza | 0 | WPPizza <= 3.17.1 - Reflected Cross-Site Scripting | 3.17.2 | Medium 6.1/10 |
22+
| wppizza | 0 | WPPizzaA Restaurant Plugin <= 3.18.13 - Reflected Cross-Site Scripting | 3.18.14 | Medium 6.1/10 |
23+
| | 0 | WPPizza <= 3.17.1 - Reflected Cross-Site Scripting | 3.17.2 | Medium 6.1/10 |
2324
| | 0 | PrettyPhoto Library (Multiple Plugins and Themes) <= 3.1.4 - DOM Cross-Site Scripting | 2.11.8.18 | Medium 6.1/10 |
25+
| | 0 | WPPizza <= 3.18.2 - Reflected Cross-Site Scripting | 3.18.3 | Medium 6.1/10 |
26+
| | 0 | WPPizza <= 3.18.10 - Missing Authorization | 3.18.11 | Medium 4.3/10 |
2427
| wordpress-seo | 0 | Yoast SEO <= 3.4.0 - Authenticated Stored Cross-Site Scripting | 3.4.1 | Medium 5.4/10 |
2528

2629

@@ -99,7 +102,7 @@ Feature: Test WP-CLI Features with Wordfence API.
99102

100103
When I run `wp vuln theme-status --no-color`
101104
Then STDOUT should end with a table containing rows:
102-
| name | installed version | status | introduced in | fixed in | severity |
105+
| name | installed version | status | introduced in | fixed in | severity |
103106
| twentyfifteen | 1.2 | No vulnerabilities reported for this version of twentyfifteen | n/a | n/a | n/a |
104107

105108
When I run `wp vuln theme-status --porcelain`

wpcli-vulnerability-scanner.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
* Plugin Name: 10up WP-CLI Vulnerability Scanner
44
* Plugin URI: https://github.com/10up/wpcli-vulnerability-scanner
55
* Description: WP-CLI command only. Check WordPress code, installed plugins and themes for vulnerabilities.
6-
* Version: 1.2.1
6+
* Version: 1.2.2
77
* Requires at least: 5.7
88
* Requires PHP: 7.0
99
* Tested up to: 6.1

0 commit comments

Comments
 (0)