Identifying WordPress Websites on Local Networks and Bruteforcing Login Pages

Use XSHM to identify WordPress websites running on internal networks and behind firewalls and also launch a login bruteforce attack on them.

Similar

Hacking 27% of the Web via WordPress Auto-Update

At Wordfence, we continually look for security vulnerabilities in the third party plugins and themes that are widely used by the WordPress community. In addition to this research, we regularly examine WordPress core and the related wordpress.org systems. ...

Read more »

WordPress and Update Signing

Nothing could be further from the truth. Everyone involved takes their responsibility very seriously, and the growth of WordPress has meant many thoughtful, hard-working people have gotten involved… (more…)

Read more »