<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>WordPress Exploit Archives &#8212; LinuxSec Exploit</title>
	<atom:link href="https://exploit.linuxsec.org/category/web-hacking/wordpress-exploit/feed/" rel="self" type="application/rss+xml" />
	<link>https://exploit.linuxsec.org/category/web-hacking/wordpress-exploit/</link>
	<description>Nothing is Ever Locked</description>
	<lastBuildDate>Wed, 14 Aug 2019 17:41:28 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.4.3</generator>
	<item>
		<title>WordPress 4.7.0/4.7.1 Content Injection Exploit</title>
		<link>https://exploit.linuxsec.org/wordpress-470471-content-injection/</link>
					<comments>https://exploit.linuxsec.org/wordpress-470471-content-injection/#comments</comments>
		
		<dc:creator><![CDATA[Yoo Cherry]]></dc:creator>
		<pubDate>Thu, 02 Feb 2017 20:18:00 +0000</pubDate>
				<category><![CDATA[WordPress Exploit]]></category>
		<category><![CDATA[Exploit]]></category>
		<category><![CDATA[Wordpress]]></category>
		<guid isPermaLink="false">https://exploit.linuxsec.org/2017/02/03/wordpress-470471-content-injection/</guid>

					<description><![CDATA[<p>Celah ini menginfeksi  WordPress REST API yang ditambahkan secara default pada WordPress 4.7.0. Salahsatu API tersebut memungkinkan kita mengupdate menghapus mengedit dan menambahkan konten di WordPress. Sayangnya fitur ini malah memiliki celah yangmana pengunjung situs yang bukan admin pun dapat mengupdate konten website melalui API tersebut. Untuk detail lebih jauh cek di https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html Exploit : WordPress [&#8230;]</p>
<p>The post <a href="https://exploit.linuxsec.org/wordpress-470471-content-injection/">WordPress 4.7.0/4.7.1 Content Injection Exploit</a> appeared first on <a href="https://exploit.linuxsec.org">LinuxSec Exploit</a>.</p>
]]></description>
		
					<wfw:commentRss>https://exploit.linuxsec.org/wordpress-470471-content-injection/feed/</wfw:commentRss>
			<slash:comments>4</slash:comments>
		
		
			</item>
		<item>
		<title>Exploit WordPress Ajax Load More PHP Upload Vulnerability</title>
		<link>https://exploit.linuxsec.org/exploit-wordpress-ajax-load-more-php/</link>
					<comments>https://exploit.linuxsec.org/exploit-wordpress-ajax-load-more-php/#respond</comments>
		
		<dc:creator><![CDATA[Yoo Cherry]]></dc:creator>
		<pubDate>Tue, 03 Nov 2015 05:19:00 +0000</pubDate>
				<category><![CDATA[WordPress Exploit]]></category>
		<category><![CDATA[Exploit]]></category>
		<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[Wordpress]]></category>
		<guid isPermaLink="false">https://exploit.linuxsec.org/2015/11/03/exploit-wordpress-ajax-load-more-php/</guid>

					<description><![CDATA[<p>Yooshh.. jumpa lagi kali ini saya akan share tutorial Wordpress Ajax Load More PHP Upload Vulnerability. Exploit ini membutuhkan metasploit. Jadi yang belum install , bisa install dulu. Exploit source nya dari Exploit-DB . Langsung saja ke tutorial. Download Exploit nya disini : https://www.exploit-db.com/exploits/38660/ Tambahkan module diatas ke metasploit kalian . Jika masih ada yang bingung bisa [&#8230;]</p>
<p>The post <a href="https://exploit.linuxsec.org/exploit-wordpress-ajax-load-more-php/">Exploit WordPress Ajax Load More PHP Upload Vulnerability</a> appeared first on <a href="https://exploit.linuxsec.org">LinuxSec Exploit</a>.</p>
]]></description>
		
					<wfw:commentRss>https://exploit.linuxsec.org/exploit-wordpress-ajax-load-more-php/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability</title>
		<link>https://exploit.linuxsec.org/deface-wordpress-dengan-exploit-themes/</link>
					<comments>https://exploit.linuxsec.org/deface-wordpress-dengan-exploit-themes/#comments</comments>
		
		<dc:creator><![CDATA[Yoo Cherry]]></dc:creator>
		<pubDate>Fri, 05 Jun 2015 14:40:00 +0000</pubDate>
				<category><![CDATA[WordPress Exploit]]></category>
		<category><![CDATA[Deface]]></category>
		<category><![CDATA[Exploit]]></category>
		<category><![CDATA[Wordpress]]></category>
		<guid isPermaLink="false">https://exploit.linuxsec.org/2015/06/05/deface-wordpress-dengan-exploit-themes/</guid>

					<description><![CDATA[<p>Yuppp.. lama ya tidak share exploit deface. Kali ini saya mau share tutorial deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability . Exploit nya sudah lama sih sebenarnya, namun gak tau kenapa sekarang &#8220;bersemi kembali&#8221; . Oke gak usah lama lama , langsung saja . Bahan : HTML Exploit : download Google Dorks : inurl:&#8221;/wp-content/themes/qualifire&#8221; [&#8230;]</p>
<p>The post <a href="https://exploit.linuxsec.org/deface-wordpress-dengan-exploit-themes/">Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability</a> appeared first on <a href="https://exploit.linuxsec.org">LinuxSec Exploit</a>.</p>
]]></description>
		
					<wfw:commentRss>https://exploit.linuxsec.org/deface-wordpress-dengan-exploit-themes/feed/</wfw:commentRss>
			<slash:comments>1</slash:comments>
		
		
			</item>
		<item>
		<title>Deface WordPress dengan Exploit WordPress Plugins WPShop File Upload Vulnerability</title>
		<link>https://exploit.linuxsec.org/wpshop-file-upload/</link>
					<comments>https://exploit.linuxsec.org/wpshop-file-upload/#respond</comments>
		
		<dc:creator><![CDATA[Yoo Cherry]]></dc:creator>
		<pubDate>Sun, 17 May 2015 20:31:00 +0000</pubDate>
				<category><![CDATA[WordPress Exploit]]></category>
		<category><![CDATA[Deface]]></category>
		<category><![CDATA[Exploit]]></category>
		<category><![CDATA[Hacking]]></category>
		<guid isPermaLink="false">https://exploit.linuxsec.org/2015/05/18/deface-wordpress-dengan-exploi/</guid>

					<description><![CDATA[<p>Mau share aja exploit yang ditemukan oleh saya dan teman saya dari Indonesian Cyber Army, Mr.Xenophobic. Nama nya Exploit WordPress Plugins WPShop File Upload Vulnerability. Fuck 1337day.com for reject this exploit =)) Exploiter : Exploit WordPress Plugins WPShop File Upload Vulnerability &#8211; Click Here Google Dork : inurl:?wpshop_product_category= Use your brain, bitch ! Vuln Victim [&#8230;]</p>
<p>The post <a href="https://exploit.linuxsec.org/wpshop-file-upload/">Deface WordPress dengan Exploit WordPress Plugins WPShop File Upload Vulnerability</a> appeared first on <a href="https://exploit.linuxsec.org">LinuxSec Exploit</a>.</p>
]]></description>
		
					<wfw:commentRss>https://exploit.linuxsec.org/wpshop-file-upload/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Exploit WordPress Plugin WP Mobile Edition Local File Disclosure Vulnerability</title>
		<link>https://exploit.linuxsec.org/exploit-wordpress-plugin-wp-mobile/</link>
					<comments>https://exploit.linuxsec.org/exploit-wordpress-plugin-wp-mobile/#respond</comments>
		
		<dc:creator><![CDATA[Yoo Cherry]]></dc:creator>
		<pubDate>Wed, 15 Apr 2015 11:04:00 +0000</pubDate>
				<category><![CDATA[WordPress Exploit]]></category>
		<category><![CDATA[Bugs]]></category>
		<category><![CDATA[Deface]]></category>
		<category><![CDATA[Exploit]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[Wordpress]]></category>
		<guid isPermaLink="false">https://exploit.linuxsec.org/2015/04/15/exploit-wordpress-plugin-wp-mobile/</guid>

					<description><![CDATA[<p>Yupp, kali ini mau share lagi exploit pada WordPress yang memiliki celah pada plugins WP Mobile Edition. Plugin &#8216;WP Mobile Edition&#8217; ini tidak memfilter parameter GET file di /themes/mTheme-Unus/css/css.php . Alhasil kita juga dapat melihat source dari konfigurasi WordPress yang terletak di wp-config.php . Oke langsung saja. Google Dorks : inurl:?fdx_switcher=mobile Exploit : 127.0.0.1/wp-content/themes/mTheme-Unus/css/css.php?files=../../../../wp-config.php Tested [&#8230;]</p>
<p>The post <a href="https://exploit.linuxsec.org/exploit-wordpress-plugin-wp-mobile/">Exploit WordPress Plugin WP Mobile Edition Local File Disclosure Vulnerability</a> appeared first on <a href="https://exploit.linuxsec.org">LinuxSec Exploit</a>.</p>
]]></description>
		
					<wfw:commentRss>https://exploit.linuxsec.org/exploit-wordpress-plugin-wp-mobile/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
	</channel>
</rss>
