All notable changes to this project will be documented in this file, per the Keep a Changelog standard.
Unreleased - TBD
1.2.2 - 2024-11-20
- Bump
actions/upload-artifactfrom v3 to v4 (props @iamdharmesh, @jeffpaul via #104).
- Ensure the final release contains the
composer.jsonfile so the plugin can be installed properly via WP-CLI (props @burhandodhy, @iamdharmesh, @felipeelia via #105).
1.2.1 - 2024-04-01
- Introduce new filter,
vuln_skip_vulnerability_check, that can be used to skip the vulnerability check for a specific vulnerability (props @burhandodhy, @shahzaib10up, @iamdharmesh via #101). - Plugin banner and icon images (props Brooke Campbell, @jeffpaul, @dkotter via #99).
1.2.0 - 2023-08-02
- Functional tests (props @iamdharmesh, @jeffpaul, @peterwilsoncc via #75)
- Wordfence Intelligence as an API provider. (props @iamdharmesh, @jeffpaul, @dkotter, Charles Sweethill, @barmat, @szepeviktor via #78)
- Vulnerability severity data to command output. (props @iamdharmesh, @jeffpaul, @Sidsector9 via #90)
- Vulnerability reference link information. (props @iamdharmesh, @bmarshall511,@jeffpaul, @ravinderk via #94)
- Some code improvements (props @szepeviktor, @iamdharmesh via #79, #80)
- Renamed "fix" column to "fixed in" (props @iamdharmesh, @faisal-alvi via #89)
- Readme Updates (props @jeffpaul, @iamdharmesh via #91)
- Updated README.md with example command output (props @bmarshall511, @jeffpaul, @iamdharmesh via #92)
1.1.0 - 2022-10-26
- Support for Patchstack API (props @iamdharmesh, @MARQAS, @dkotter, @jeffpaul via #71).
1.0.0 - 2022-04-13
- Add support for
introduced_inWPSCAN API field (props @pabamato, @jeffpaul, @hugosolar, @bengreeley, @TheLastCicada via #50). VULN_API_URLconstant to override the default API endpoint (props @tylercherpak, @TheLastCicada, @jeffpaul, @andredurao via #45).
- Bumped WordPress "tested up to" version 5.9 (props @jeffpaul, @kojraai via #66).
- Add vulnerability id to the report object, only used when
--format=ids(props @pabamato, @jeffpaul, @hugosolar, @ssnepenthe, @oscarssanchez via #51). - Output: Force the green header on a new line when
--format=ids(props @pabamato, @jeffpaul, @hugosolar, @ssnepenthe, @oscarssanchez via #51). - Improve: Use
wp_parse_args()(props @pabamato, @jeffpaul, @hugosolar, @bengreeley, @TheLastCicada via #50). - Documentation updated (props @vladox, @jeffpaul, @cadic, @marekmaurizio, @oscarssanchez, @vladox, @TheLastCicada, @tylercherpak, @pabamato, @gabsy via #37, #57, #65).
- Plugin slug changed to remove conflict with another plugin in WordPress repository (props @pabamato, @jeffpaul, @planetahuevo, @oscarssanchez via #49).
- Implemented WPScan API v3 (props @allan23, @oscarssanchez, @tott, @jeffpaul, @ssnepenthe, @randstring, @andrewminion-luminfire, @TheLastCicada via https://github.com/10up/wpcli-vulnerability-scanner/pull/33).
- False positive report for wpscan.com API Limit exceed errors (props @rahulsprajapati, @jeffpaul, @kojraai, @ehausen, @oscarssanchez, @davidegreenwald via #62).
- False positive report for
wp vuln plugin-statuswithintroduced_infield (props @rahulsprajapati, @kojraai, @jeffpaul, @TheLastCicada via #60). - Output format when using
--format=ids(props @pabamato, @jeffpaul, @hugosolar, @ssnepenthe, @oscarssanchez via #51). - Table format columns not having the same width as table header for colorized items (props @pabamato, @jeffpaul, @hugosolar, @bengreeley, @TheLastCicada via #50).
- Make valid json when using
wp vuln status --format=json(props @phlbnks, @jeffpaul via #25). - Unit tests (props @hulet, @eugene-manuilov, @jeffpaul via #27).