Is your feature request related to a problem? Please describe.
When assessing a site, a common thing I'll look at is the number of active installs a plugin has.
If the plugin doesn't have many active installs, it's a good candidate for me to take a look at the plugin to see if there are any unreported vulnerabilities in it, as it naturally has fewer eyes over it.
Describe the solution you'd like
For each plugin slug printed under plugin(s) identified, just also do a quick lookup to find the number of active installs.
Describe alternatives you've considered
My current workflow involves taking the output of wpscan and plugging it into a separate script.
```python
import csv

import requests

# Define the URL template for fetching plugin data from the WordPress API
WORDPRESS_API_URL = "https://api.wordpress.org/plugins/info/1.2/?action=plugin_information&request[slug]={slug}"


# Function to get plugin info from the WordPress API
def get_active_installs(slug):
    try:
        # Timeout so a stalled request does not hang the whole run
        response = requests.get(WORDPRESS_API_URL.format(slug=slug), timeout=10)
        data = response.json()
        if 'active_installs' in data:
            return data['active_installs']
        else:
            return None
    except Exception as e:
        print(f"Error fetching data for plugin {slug}: {e}")
        return None


# Function to read the slugs from a file and output results to a CSV
def process_slugs_to_csv(input_file, output_csv_file):
    with open(input_file, 'r') as file:
        slugs = [line.strip() for line in file if line.strip()]  # Read each line and strip newlines/whitespace

    # Open the output CSV file in write mode
    with open(output_csv_file, mode='w', newline='', encoding='utf-8') as csvfile:
        writer = csv.writer(csvfile)
        writer.writerow(['slug', 'active_installs'])  # Write the header row

        for slug in slugs:
            installs = get_active_installs(slug)
            writer.writerow([slug, installs])  # Write slug and install count to CSV


# File paths
input_file = 'slugs.txt'  # Replace with your file that has a list of slugs
output_csv_file = 'plugin_active_installs.csv'

# Process slugs and output to CSV
process_slugs_to_csv(input_file, output_csv_file)

print(f"Active install data has been saved to {output_csv_file}")
```
Additional context
Happy to contribute a PR if you can provide some guidance about how you'd like this added to the codebase.