|
|
|
|
|
|
by raesene3
4482 days ago
|
|
|
An interesting point, but if interpreted by the wrong person, using wpscan (which makes a load of requests to the site) could be considered dubious under the CMA (I definitely wouldn't run in against a site which I wasn't authorised to test) From what I know vulnerability scanning (which is essentially what wpscan does) is a bit of a grey area under UK law. It's been likened to someone "rattling the windows" of a house. They may be doing it with the intention of notifying the owner that he's left his house unlocked, or they may be doing it to attempt to gain unauthorised access.. The analogy isn't perfect but it's one I'd step carefully on. |
|
|