Skip to content

VTFoundation/vulnerablewp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
vulnerable-plugins
vulnerable-plugins
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
install.sh
install.sh
 
 
upload.ini
upload.ini
 
 

Repository files navigation

Vulnerable Wordpress Docker - Created at VTF by Waleed Zafar

Usage

  1. Clone git repository:
 git clone https://github.com/waleedzafar68/vulnerablewp/
  1. Navigate to the cloned foder
cd vulnerablewp
  1. Run the install.sh file:
./install.sh

Note: Permission issue: Run the following if you encounter permissions issue

chmod +x install.sh
  1. Navigate to localhost:
http://127.0.0.1

  1. Install Wordpress after choosing language

    Installing Wordpress

  2. Set the site title, Username, password and email

    Configuring Wordpress

  3. Navigate to plugins at http://localhost/wp-admin/plugins.php. Login if need be.

  4. Scroll down and activate any plugin except Hello Dolly and Akismet. Example attached

    Upl3

  5. See it is activated.

    Upl4

  6. Repeat the process for the next three plugins.

  7. All activated.

Vulnerable Plugins:

Mail Masta v1.0 (CVE-2017-6095-6098, CVE-2017-6570-6570)

Duplicator v1.2.32 (CVE-2018-7543, CVE-2018-17207, CVE-2020-11738)

ReFlex Gallery v3.1.7 (CVE-2015-4133)

WP Google Maps v3.4 (CVE-2019-10692)

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages