Acunetix Premium - v11.0.163541031

New Features

• Acunetix Enterprise users can now generate their API key to be used for the Acunetix API (contact sales@acunetix.com for more information on the API)
• Selenium IDE files are now supported as Import files in Acunetix v11
• The Acunetix Login Sequence Recorder can now edit login sequence files.

New Vulnerability Tests

• Privilege escalation vulnerability in Joomla! Core
• Multiple vulnerabilities in Joomla! Core, including arbitrary file upload and information disclosure vulnerabilities
• WordPress Plugin Nelio AB Testing Server-Side Request Forgery (SSRF)
• WordPress Plugin WooCommerce Email Test Information Disclosure
• WordPress Plugin All In One WP Security & Firewall Cross-Site Scripting
• WordPress Plugin Podlove Podcast Publisher Cross Site Scripting and SQL Injection Vulnerabilities
• WordPress Plugin WP Support Plus Responsive Ticket System SQL Injection
• WordPress Plugin wpDataTables Lite Cross-Site Scripting
• WordPress Plugin Twitter Cards Meta Cross Site Scripting and Server Side Request Forgery Vulnerabilities
• WordPress Plugin Multisite Post Duplicator Cross-Site Request Forgery
• WordPress Plugin Social Share Buttons-Social Pug Cross-Site Scripting 
• WordPress Plugin Delete All Comments Arbitrary File Upload
• WordPress Plugin BP Profile Search PHP Object Injection
• WordPress Plugin Quiz And Survey Master (Formerly Quiz Master Next) Multiple Vulnerabilities
• WordPress Plugin Analytics Stats Counter Statistics PHP Object Injection
• WordPress Plugin Backup & Restore Dropbox PHP Object Injection and Information Disclosure Vulnerabilities
• WordPress Plugin Ultimate Member Security Bypass
• WordPress Plugin Simple Personal Message SQL Injection
• WordPress Plugin WA Form Builder SQL Injection
• WordPress Plugin WP Vault Local File Inclusion

Improvements

• The Acunetix UI will show a message when the license is not activated.
• The Login Sequence Recorder will make use of the proxy settings configured for the Target.
• Better handling of cookies.

Bug Fixes

• Fixed reports generated for targets that have not been scanned
• Fixed allowance of empty Import Files to be uploaded for a Target
• Some information returned by AcuSensor was not reflected in the vulnerability details
• Fixed false positive in the ASP.NET debug mode check
• Various minor updates and fixes