https://github.com/jazzsequence/action-wordpress-vulnerability-scanner


# WordPress Vulnerability Scanner Action
[![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/jazzsequence/action-wordpress-vulnerability-scanner/plugin-test.yml?label=plugin%20vulnerability%20scanner&logo=wordpress)](https://github.com/jazzsequence/action-wordpress-vulnerability-scanner/actions) [![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/jazzsequence/action-wordpress-vulnerability-scanner/theme-test.yml?label=theme%20vulnerability%20scanner&logo=wordpress)](https://github.com/jazzsequence/action-wordpress-vulnerability-scanner/actions) [![Shellcheck Status](https://img.shields.io/github/actions/workflow/status/jazzsequence/action-wordpress-vulnerability-scanner/lint.yml?label=shellcheck)](https://github.com/jazzsequence/action-wordpress-vulnerability-scanner/actions) [![GitHub](https://img.shields.io/github/license/jazzsequence/action-wordpress-vulnerability-scanner)](https://github.com/jazzsequence/action-wordpress-vulnerability-scanner/blob/main/LICENSE) [![GitHub release (latest by date)](https://img.shields.io/github/v/release/jazzsequence/action-wordpress-vulnerability-scanner)](https://github.com/jazzsequence/action-wordpress-vulnerability-scanner/releases)

A GitHub action that can be used to run vulnerability checks using the [10up WP-CLI Vulnerability Scanner](https://github.com/10up/wpcli-vulnerability-scanner).

## Inputs

### `api-provider`
The Vulnerability API provider to use. Supported values are `wordfence`, `patchstack` and `wpscan`. Default `wordfence`.

### `api-token`
The API token to use for the Vulnerability API provider. Default `''`. Required if `api-provider` is `wpscan` or `patchstack`. (`wordfence` does not require an API token but does accept one for more robust scanning.)

### `type`
The type of scan to run. Supported values are `plugin` and `theme`. `core` is supported in an experimental state. Default `plugin`.

### `name`
The name of the plugin or theme to scan. Defaults to the name of the repository.

## Example usage

```yaml
uses: jazzsequence/action-wordpress-vulnerability-scanner@v1
with:
  api-provider: 'patchstack'
  api-token: ${{ secrets.PATCHSTACK_API_TOKEN }}
  type: 'plugin'
  name: 'my-plugin'
```
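
The step above placed in a complete workflow, as an added example that is not part of the original README. The file name, the cron schedule, the `WPSCAN_API_TOKEN` secret name, the checkout step and the read-only `permissions` block are assumptions; only the four inputs come from the documentation above.

```yaml
# .github/workflows/vulnerability-scan.yml (hypothetical file name)
name: Vulnerability scan

on:
  # Note: workflows triggered by pull requests from forks do not receive
  # repository secrets, so a provider that requires a token gets an empty one.
  pull_request:
  schedule:
    # Constructed weekly schedule. Advisories are published after code is
    # merged, so a scan that only runs on pull requests can miss them.
    - cron: '0 6 * * 1'

# Assumption: read access to the repository is sufficient for the scan.
permissions:
  contents: read

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      # Assumption: the action works on the checked-out repository contents.
      - uses: actions/checkout@v4
      - uses: jazzsequence/action-wordpress-vulnerability-scanner@v1
        with:
          api-provider: 'wpscan'
          # Hypothetical secret name. wpscan and patchstack require a token;
          # keep it in repository secrets, never inline in the workflow file.
          api-token: ${{ secrets.WPSCAN_API_TOKEN }}
          type: 'plugin'
          # name is omitted, so it defaults to the name of the repository.
```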