Vulnerable WordPress December 2023 (Shahriar)

Github: https://github.com/onhexgroup/Vulnerable-WordPress

Today, we see the release of various vulnerabilities in various programs. If you’re a security researcher, you’re probably tempted to work on them. For example, check that vulnerability, write an exploit for it or, if possible, write a Nuclei template for it.
To do all of these things, you first need to create a lab environment for that vulnerability, and this might be the hardest step.
In order to make it easier for you and to be able to do my own research, I created a vulnerable version of WordPress that is updated monthly.
The vulnerable version contains vulnerable plugins every month that are published on the Wordfence.com website. Of course, plugins that can be downloaded through WordPress.com.
This can be useful for those working in education, exploit developers, offensive/defensive tool developers, Nuclei template developers, Bug Hunters (For example work on Wordfence bug bounty program), etc.

This edition was published in December 2023 with the title “Shahriar”.

Information about the installed version of WordPress:
List of the plugins
Worpress version: 6.4.2
Number of installed plugins (Clean and Vulnerable) : 234
Number of vulnerabilities: 284
Admin user: onhexgroup
Admin pass: U7ChIDPQsok)4TU8%h

Hash installer.php : BD2C90E6AEE8F9183724544F135A566146D900E9399DCC348B15E86D83085886
Hash Vuln_plugins_December_2023.xlsx : E8FAE52A6119D4CBD53E947C30F806127B791E04B37D400F80C18396B60DBBBE
Hash Vulnerable_WordPress_December_2023.7z : 40C975C5197479929FA105D535243477D083508011B5F0CED1A3AA5E75DA2C8A

Hints:
This version contains vulnerabilities, so be careful when using it.
Avoid updating plugins.
Plugins are extracted from Wordfence reports.
Plugins are not activated and only installed.
This list only includes plugins that downloadable from WordPress.org.

Install:
Download file and extract it
Create database and user database
run installer.php on browser

Video: How to install on wamp (windows)

Video: How to install on Kali (Linux)

Donate:
Bitcoin: 1HPfpSES4kpuTgJDsbsxY3iMZWsxChcZm5
Ethereum: 0xb59922b7b786d59c31B8180024dE34D3D7932fb4
Tether usd: 0xb59922b7b786d59c31B8180024dE34D3D7932fb4
BNB coin: bnb1ncm9ln8ywx8557v3d428w8z82hg97379w070e3
Monero: 44XHPK7jDMcFiL44p6sez4KBmgXrPsgnQiiV8TiKv9yAeLDJQk9ZNmKWRgfSR8efeDGrN5v3MV1p46k3hT9J5zGR6vzDGFW
Iranian

Contact us:

Site | Telegram | Twitter | youtube | Linkedin | Instagram