Skip to content

waleedzafar68/vulnerablewp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
vulnerable-plugins
vulnerable-plugins
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
install.sh
install.sh
 
 
upload.ini
upload.ini
 
 

Repository files navigation

Vulnerable Wordpress Docker - Created at VTF by Waleed Zafar

Usage

  1. Clone git repository:
 git clone https://github.com/waleedzafar68/vulnerablewp/
  1. Navigate to the cloned foder
cd vulnerablewp
  1. Run the install.sh file:
./install.sh

Note: Permission issue: Run the following if you encounter permissions issue

chmod +x install.sh
  1. Navigate to localhost:
http://127.0.0.1

  1. Install Wordpress after choosing language

    Installing Wordpress

  2. Set the site title, Username, password and email

    Configuring Wordpress

  3. Navigate to plugins at http://localhost/wp-admin/plugins.php. Login if need be.

  4. Scroll down and activate any plugin except Hello Dolly and Akismet. Example attached

    Upl3

  5. See it is activated.

    Upl4

  6. Repeat the process for the next three plugins.

  7. All activated.

Vulnerable Plugins:

Mail Masta v1.0 (CVE-2017-6095-6098, CVE-2017-6570-6570)

Duplicator v1.2.32 (CVE-2018-7543, CVE-2018-17207, CVE-2020-11738)

ReFlex Gallery v3.1.7 (CVE-2015-4133)

WP Google Maps v3.4 (CVE-2019-10692)

About

Vulnerable Wordpress Docker

Topics

wordpress ubuntu vulnerable-wordpress

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages