1️⃣Wordpress

CMS Pentesting Guide (More Specifically WordPress Security)

Here you'll see comprehensive collection of resources dedicated to Content Management System (CMS) Pentesting and Security.

It includes a variety of tools, informative articles, detailed write-ups, and other valuable materials.

Topic

Resource

wp-scan use guide

WPScan Use Guide - YouTube

Scan WordPress Vulnerability with WPScan - Medium

How to Hack a WordPress Website with WPScan - Infosec Writeups

Wordpress Vulnerable Plugins

WordPress Audit Plugins - Cyllective

Reversing WordPress CVEs: Baby Steps - Infosec Writeups

WordPress Media Library RCE (CVE-2023-4634) - Patrowl

High Severity Vulnerability Fixed in WordPress Elementor Pro Plugin - NinTechNet Blog

WordPress BuddyForms Plugin: Unauthenticated Insecure Deserialization (CVE-2023-26326) - Medium

WordPress Transposh: Exploiting a Blind SQL Injection via XSS - RCE Security

CVE-2021-21661: Exposing Database Info via WordPress SQL Injection - Zero Day Initiative

WordPress plugin bug bounty (WordFence)

WordPress Plugin Bug Bounty (WordFence) - NahamSec YouTube

WordPress Plugin Bug Bounty - BugBountyReportsExplained YouTube

WordPress Pentesting

Hacking the WordPress Sites for Fun and Profit - Part 1 - Infosec Writeups

Wordpress Pentestinf Methodology By HackTricks

Enhancing WordPress Website Security: Automate WPScan and Receive Instant Alerts for New Vulnerabilities - Infosec Writeups

Pwning WordPress Passwords - Infosec Writeups

How to Get a Reverse Shell from Any WordPress - System Weakness

P1 Bug Hunting: Exploiting Common WordPress Vulnerabilities - The Gray Area

Advanced Level for WordPress Vulnerabilities - Hossam Shady Medium

Hacking WordPress Server Database - System Weakness

Hacking WordPress with Some Common Vulnerabilities - Olger346 Medium

Leaking WordPress CSRF Tokens - Ahussam.me

How Did I Get $200 with WordPress Vulnerability - NguHuynh Medium

DVWP - GitHub

ATO of WordPress Website: $4-Digit Bounty in 5 Minutes - Ritesh Gohil Medium

Error-Based SQL Injection on a WordPress Website and Extract More Than 150k User Details - Ynoof Medium

How I Takeover WordPress Admin - Sahruldotid Medium

Wordpress pentesting tools

Wappalyzer

WPintel

Wp-Scan

XMLRPC.php Exploit POC

XMLRPC.php Exploit POC - YouTube

Article Title

Link

CVE-2021-4434: A Critical WordPress Vulnerability Exposed

Read Article

Scan WordPress Vulnerability with WPScan

Read Article

Major WordPress Vulnerability Allows Anyone to DDoS Your Website

Read Article

WordPress Vulnerability: DoS Flaw Could Bring Down Your Site

Read Article

How to Use Vulnerability Scanner Zoom

Read Article

How to Exploit a WordPress Plugin Vulnerability: A Case Study of TheCartPress

Read Article

WordPress XXE Vulnerability (CVE-2021-29447) TryHackMe

Read Article

Major Security Vulnerability in WordPress and Drupal Could Take Down Websites

Read Article

Critical Vulnerability in SEOPress WordPress Plugin Allows Hacking 100,000+ WordPress Websites

Read Article

Mastering WordPress Penetration Testing: A Step-by-Step Guide

Read Article

Disclosure: Email Address of Any WordPress User via Redacted Service

Read Article

How to Hack a WordPress Website with WPScan

Read Article

Hacking the WordPress Sites for Fun and Profit (Part 1: Water)

Read Article

Reversing WordPress CVEs: Baby Steps

Read Article

Enhancing WordPress Website Security: Automate WPScan and Receive Instant Alerts for New Vulnerabilities

Read Article

CVE-2019-15092: WordPress Plugin Import Export Users 1.3.0 CSV Injection

Read Article

Pwning WordPress Passwords

Read Article

How to Get a Reverse Shell from Any WordPress

Read Article

P1 Bug Hunting: Exploiting Common WordPress Vulnerabilities

Read Article

Pentesting CMS Web Applications

Read Article

The Business Owner's Guide to Securing a WordPress Website: Importance of Vulnerability Testing

Read Article

Advanced Level for WordPress Vulnerabilities

Read Article

Chaining IDOR and Host Header Can Takeover 1.8 Million Users Accounts

Read Article

How to Get Started Hacking WordPress Plugins to Earn Your First CVE

Read Article

Hacking WordPress Server Database

Read Article

Hacking WordPress: Hack the Box Preignition Walkthrough

Read Article

Hacking WordPress with Some Common Vulnerabilities

Read Article

Hacking WordPress as a Site Owner

Read Article

RCE (Remote Code Execution) in WordPress

Read Article

Leaking WordPress CSRF Tokens

Read Article

WordPress XSS Vulnerability

Read Article

Finding an RCE Gadget Chain in WordPress Core

Read Article

WordPress Media Library RCE (CVE-2023-4634)

Read Article

How Did I Get $200 with WordPress Vulnerability?

Read Article

High Severity Vulnerability Fixed in WordPress Elementor Pro Plugin

Read Article

WordPress BuddyForms Plugin Unauthenticated Insecure Deserialization (CVE-2023-26326)

Read Article

Bypass CSP Using WordPress by Abusing Same-Origin Method Execution

Read Article

WordPress Core Unauthenticated Blind SSRF

Read Article

WordPress Transposh: Exploiting a Blind SQL Injection via XSS

Read Article

WordPress Audit Plugins

Read Article

WordPress Object Injection Vulnerability

Read Article

Fuzzing WordPress Plugins

Read Article

Exposing Database Info via WordPress SQL Injection (CVE-2021-21661)

Read Article

WordPress Plugin Confusion Update Can Get You Pwned

Read Article

ATO of WordPress Website: $4 Digits Bounty in 5 Minutes

Read Article

WordPress XXE Security Vulnerability

Read Article

Error-Based SQL Injection on a WordPress Website and Extract More than 150k User Details

Read Article

WordPress CSRF to RCE

Read Article

How I Takeover WordPress Admin (Fiiipay)

Read Article

WordPress Post Type Privilege Escalation

Read Article

WordPress Design Flaw Leads to WooCommerce RCE

Read Article

WordPress Hacking Videos

YouTube Video

WordPress Vulnerability Exploits

YouTube Video

WordPress Security

YouTube Video

WordPress DDoS Attack

YouTube Video

WordPress RCE Exploitation

YouTube Video

WordPress Vulnerability

YouTube Video

WordPress Plugin Exploits

YouTube Video

WordPress Penetration Testing

YouTube Video

WordPress Security Flaws

YouTube Video

WordPress Vulnerability Management

YouTube Video

WordPress Attack Vectors

YouTube Video

WordPress Security Analysis

YouTube Video

WordPress Exploit Demonstration

YouTube Video

WordPress Security Testing

YouTube Video

WordPress Plugin Vulnerabilities

YouTube Video

WordPress Vulnerability Assessments

YouTube Video

Wordpress Pentestinf Methodology By HackTricks

Read Article

PreviousIntroduction NextGraphQL API

Last updated 6 months ago

All the Articles & Videos Related to the WordPress Pentesting