<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Wordpress Archives &#8212; LinuxSec Exploit</title>
	<atom:link href="https://exploit.linuxsec.org/tag/wordpress/feed/" rel="self" type="application/rss+xml" />
	<link>https://exploit.linuxsec.org/tag/wordpress/</link>
	<description>Nothing is Ever Locked</description>
	<lastBuildDate>Wed, 14 Aug 2019 17:40:39 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.4.3</generator>
	<item>
		<title>WordPress 4.7.0/4.7.1 Content Injection Exploit</title>
		<link>https://exploit.linuxsec.org/wordpress-470471-content-injection/</link>
					<comments>https://exploit.linuxsec.org/wordpress-470471-content-injection/#comments</comments>
		
		<dc:creator><![CDATA[Yoo Cherry]]></dc:creator>
		<pubDate>Thu, 02 Feb 2017 20:18:00 +0000</pubDate>
				<category><![CDATA[WordPress Exploit]]></category>
		<category><![CDATA[Exploit]]></category>
		<category><![CDATA[Wordpress]]></category>
		<guid isPermaLink="false">https://exploit.linuxsec.org/2017/02/03/wordpress-470471-content-injection/</guid>

					<description><![CDATA[<p>Celah ini menginfeksi  WordPress REST API yang ditambahkan secara default pada WordPress 4.7.0. Salahsatu API tersebut memungkinkan kita mengupdate menghapus mengedit dan menambahkan konten di WordPress. Sayangnya fitur ini malah memiliki celah yangmana pengunjung situs yang bukan admin pun dapat mengupdate konten website melalui API tersebut. Untuk detail lebih jauh cek di https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html Exploit : WordPress [&#8230;]</p>
<p>The post <a href="https://exploit.linuxsec.org/wordpress-470471-content-injection/">WordPress 4.7.0/4.7.1 Content Injection Exploit</a> appeared first on <a href="https://exploit.linuxsec.org">LinuxSec Exploit</a>.</p>
]]></description>
		
					<wfw:commentRss>https://exploit.linuxsec.org/wordpress-470471-content-injection/feed/</wfw:commentRss>
			<slash:comments>4</slash:comments>
		
		
			</item>
		<item>
		<title>Exploit WordPress Ajax Load More PHP Upload Vulnerability</title>
		<link>https://exploit.linuxsec.org/exploit-wordpress-ajax-load-more-php/</link>
					<comments>https://exploit.linuxsec.org/exploit-wordpress-ajax-load-more-php/#respond</comments>
		
		<dc:creator><![CDATA[Yoo Cherry]]></dc:creator>
		<pubDate>Tue, 03 Nov 2015 05:19:00 +0000</pubDate>
				<category><![CDATA[WordPress Exploit]]></category>
		<category><![CDATA[Exploit]]></category>
		<category><![CDATA[Metasploit]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[Wordpress]]></category>
		<guid isPermaLink="false">https://exploit.linuxsec.org/2015/11/03/exploit-wordpress-ajax-load-more-php/</guid>

					<description><![CDATA[<p>Yooshh.. jumpa lagi kali ini saya akan share tutorial Wordpress Ajax Load More PHP Upload Vulnerability. Exploit ini membutuhkan metasploit. Jadi yang belum install , bisa install dulu. Exploit source nya dari Exploit-DB . Langsung saja ke tutorial. Download Exploit nya disini : https://www.exploit-db.com/exploits/38660/ Tambahkan module diatas ke metasploit kalian . Jika masih ada yang bingung bisa [&#8230;]</p>
<p>The post <a href="https://exploit.linuxsec.org/exploit-wordpress-ajax-load-more-php/">Exploit WordPress Ajax Load More PHP Upload Vulnerability</a> appeared first on <a href="https://exploit.linuxsec.org">LinuxSec Exploit</a>.</p>
]]></description>
		
					<wfw:commentRss>https://exploit.linuxsec.org/exploit-wordpress-ajax-load-more-php/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>WordPress Security &#8211; Mencegah Brute Force pada XMLRPC WordPress</title>
		<link>https://exploit.linuxsec.org/wordpress-security-mencegah-brute-force/</link>
					<comments>https://exploit.linuxsec.org/wordpress-security-mencegah-brute-force/#comments</comments>
		
		<dc:creator><![CDATA[Yoo Cherry]]></dc:creator>
		<pubDate>Wed, 21 Oct 2015 00:58:00 +0000</pubDate>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[Brute Force]]></category>
		<category><![CDATA[Hacking]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[Wordpress]]></category>
		<guid isPermaLink="false">https://exploit.linuxsec.org/2015/10/21/wordpress-security-mencegah-brute-force/</guid>

					<description><![CDATA[<p>Baru baru ini telah ditemukan trik bruteforce pada file xmlrpc.php CMS WordPress. Berbeda dengan bruteforce halaman login yang mungkin sudah diantisipasi dengan htaccess ataupun plugins, bruteforce pada file xmlrpc.php ini tidak berbekas. Jika terdapat banyak log percobaan login saat kita mencoba bruteforce wp-login.php, bruteforce xmlrpc.php hanya meninggalkan satu log percobaan. 194.150.168.95 – – [07/Oct/2015:23:54:12 -0400] [&#8230;]</p>
<p>The post <a href="https://exploit.linuxsec.org/wordpress-security-mencegah-brute-force/">WordPress Security &#8211; Mencegah Brute Force pada XMLRPC WordPress</a> appeared first on <a href="https://exploit.linuxsec.org">LinuxSec Exploit</a>.</p>
]]></description>
		
					<wfw:commentRss>https://exploit.linuxsec.org/wordpress-security-mencegah-brute-force/feed/</wfw:commentRss>
			<slash:comments>1</slash:comments>
		
		
			</item>
		<item>
		<title>Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability</title>
		<link>https://exploit.linuxsec.org/deface-wordpress-dengan-exploit-themes/</link>
					<comments>https://exploit.linuxsec.org/deface-wordpress-dengan-exploit-themes/#comments</comments>
		
		<dc:creator><![CDATA[Yoo Cherry]]></dc:creator>
		<pubDate>Fri, 05 Jun 2015 14:40:00 +0000</pubDate>
				<category><![CDATA[WordPress Exploit]]></category>
		<category><![CDATA[Deface]]></category>
		<category><![CDATA[Exploit]]></category>
		<category><![CDATA[Wordpress]]></category>
		<guid isPermaLink="false">https://exploit.linuxsec.org/2015/06/05/deface-wordpress-dengan-exploit-themes/</guid>

					<description><![CDATA[<p>Yuppp.. lama ya tidak share exploit deface. Kali ini saya mau share tutorial deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability . Exploit nya sudah lama sih sebenarnya, namun gak tau kenapa sekarang &#8220;bersemi kembali&#8221; . Oke gak usah lama lama , langsung saja . Bahan : HTML Exploit : download Google Dorks : inurl:&#8221;/wp-content/themes/qualifire&#8221; [&#8230;]</p>
<p>The post <a href="https://exploit.linuxsec.org/deface-wordpress-dengan-exploit-themes/">Deface WordPress dengan Exploit Themes Qualifire File Upload Vulnerability</a> appeared first on <a href="https://exploit.linuxsec.org">LinuxSec Exploit</a>.</p>
]]></description>
		
					<wfw:commentRss>https://exploit.linuxsec.org/deface-wordpress-dengan-exploit-themes/feed/</wfw:commentRss>
			<slash:comments>1</slash:comments>
		
		
			</item>
		<item>
		<title>Exploit WordPress Plugin WP Mobile Edition Local File Disclosure Vulnerability</title>
		<link>https://exploit.linuxsec.org/exploit-wordpress-plugin-wp-mobile/</link>
					<comments>https://exploit.linuxsec.org/exploit-wordpress-plugin-wp-mobile/#respond</comments>
		
		<dc:creator><![CDATA[Yoo Cherry]]></dc:creator>
		<pubDate>Wed, 15 Apr 2015 11:04:00 +0000</pubDate>
				<category><![CDATA[WordPress Exploit]]></category>
		<category><![CDATA[Bugs]]></category>
		<category><![CDATA[Deface]]></category>
		<category><![CDATA[Exploit]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[Wordpress]]></category>
		<guid isPermaLink="false">https://exploit.linuxsec.org/2015/04/15/exploit-wordpress-plugin-wp-mobile/</guid>

					<description><![CDATA[<p>Yupp, kali ini mau share lagi exploit pada WordPress yang memiliki celah pada plugins WP Mobile Edition. Plugin &#8216;WP Mobile Edition&#8217; ini tidak memfilter parameter GET file di /themes/mTheme-Unus/css/css.php . Alhasil kita juga dapat melihat source dari konfigurasi WordPress yang terletak di wp-config.php . Oke langsung saja. Google Dorks : inurl:?fdx_switcher=mobile Exploit : 127.0.0.1/wp-content/themes/mTheme-Unus/css/css.php?files=../../../../wp-config.php Tested [&#8230;]</p>
<p>The post <a href="https://exploit.linuxsec.org/exploit-wordpress-plugin-wp-mobile/">Exploit WordPress Plugin WP Mobile Edition Local File Disclosure Vulnerability</a> appeared first on <a href="https://exploit.linuxsec.org">LinuxSec Exploit</a>.</p>
]]></description>
		
					<wfw:commentRss>https://exploit.linuxsec.org/exploit-wordpress-plugin-wp-mobile/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
	</channel>
</rss>
