[CMS-590] check for WPSCAN_API_TOKEN constant:

php/pantheon/checks/plugins.php

@@ -78,7 +78,10 @@ protected function getPluginVulnerability( $plugin_slug )
 	{
 		// Get the vulnerability API token from the platform
 		$wpvulndb_api_token = getenv('PANTHEON_WPVULNDB_API_TOKEN');
-
+		if(defined("WPSCAN_API_TOKEN")) {
+			$wpvulndb_api_token = WPSCAN_API_TOKEN;
+		}
+
 		// Throw an exception if there is no token
 		if( false === $wpvulndb_api_token || empty( $wpvulndb_api_token ) ) {
 			//TODO: return a value indicating no scan was performed.