How it works...
WordPress allows users that are not experienced in developing web applications to create their own sites by incorporating plugins that may be created by other users and are not subject to the same quality assurance and testing that the main CMS is; this means that when one of those plugins or modules has a serious security flaw, thousands of users may have installed vulnerable code in their sites and are exposed to attacks that can compromise their whole servers.
In this recipe, we used WPScan to identify vulnerabilities in an old WordPress installation. We started by updating the tool's database; this was done automatically while being connected to the internet. Having finished the update, the scan continued by identifying ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access