WPScan rewritten in Python + some WPSeku ideas
Python Library for Static WordPress (Autmated Crawling, Post-Processing and Hosting)
WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries
CVE-2023-32243 - Essential Addons for Elementor 5.4.0-5.7.1 - Unauthenticated Privilege Escalation
Social Network Tabs Wordpress Plugin Vulnerability - CVE-2018-20555
A PoC exploit for CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)
Python Library to prepare and deploy a static version of a WordPress Installation on Netlify (Static Hosting Service Provider).
The (WordPress) website test script can be exploited for Unlimited File Upload via CVE-2020-35489
WP-Hunter is a WordPress plugin/theme reconnaissance and static analysis (SAST) tool. It is designed for security researchers to evaluate the vulnerability probability of plugins by analyzing metadata, installation patterns, update histories, and performing deep Semgrep-powered source code analysis.
Wpushell is a tool used to upload a backdoor shell to a site that uses a WordPress Content Management System with a simple and fast process.
Wordpress Plugins List
Hacking WordPress Plugins - Authenticated Shell Upload, by compromising admin console and upload a malicious plugin with PHP (reverse shell code)
InfiniteWP Client < 1.9.4.5 - Authentication Bypass
Wordpress Security Scanner && Auto Exploiter
A silly script that helps to download pdf files from https://masterthecase.com where all the pdf files are protected by a WordPress plugin called "Pdf Embedder Premium Secure", http://wp-pdf.com/
Domain Grabber Made With Love :3
Unauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely.
A tool to exploit WordPress plugin vulnerabilities and extract database credentials
Zero-Day Vulnerability in File Manager Plugin 6.7 ( CVE 2020-25213 )
SharkXploit Wordpress Auto Exploit is a great tools for search vulnerability in wordpress
Add a description, image, and links to the wordpress-plugin topic page so that developers can more easily learn about it.
To associate your repository with the wordpress-plugin topic, visit your repo's landing page and select "manage topics."