
WPSploit – WordPress Plugin Code Scanner – Kali Linux 2017.3

WPSploit is intended for penetration testers who audit WordPress plugins and for developers who wish to audit their own WordPress plugins.

It checks for:

Cross-Site Scripting (XSS)
SQL Injection
File Download
File Inclusion
File Manipulation
Command Execution
PHP Code Execution
Open Redirect
Cross-Site Request Forgery (CSRF)


$ git clone
$ cd wpsploit
$ python plugin_file.php
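As an added illustration (this is not WPSploit's code, and its actual rules are not shown on this page), the following Python example shows the kind of source-to-sink pattern check a plugin code scanner can run for several of the categories listed above. The rule set, the sanitizer list and the sample plugin fragment are constructed assumptions.

```python
import re

# Request superglobals treated as attacker-controlled sources.
SOURCE = r"\$_(?:GET|POST|REQUEST|COOKIE|SERVER|FILES)\b"

# Hypothetical rule set: category from the list above -> sink pattern.
# A finding is a statement where a raw source appears in a sink's arguments.
RULES = {
    "Cross-Site Scripting (XSS)": r"\b(?:echo|print)\b[^;]*" + SOURCE,
    "SQL Injection": r"\$wpdb->(?:query|get_results|get_row|get_var)\s*\([^;]*" + SOURCE,
    "File Inclusion": r"\b(?:include|require)(?:_once)?\b[^;]*" + SOURCE,
    "Command Execution": r"\b(?:system|exec|passthru|shell_exec)\s*\([^;]*" + SOURCE,
    "PHP Code Execution": r"\b(?:eval|assert)\s*\([^;]*" + SOURCE,
    "Open Redirect": r"\b(?:wp_redirect|header)\s*\([^;]*" + SOURCE,
}

# Heuristic (assumption): a line that calls a known sanitizer is not reported.
SAFE = re.compile(
    r"\b(?:esc_html|esc_attr|esc_url|esc_sql|intval|absint|sanitize_text_field)\s*\(|->prepare\s*\("
)

SAMPLE = r'''<?php
// Constructed plugin fragment for this example
echo "<p>Hello " . $_GET['name'] . "</p>";
echo "<p>Hello " . esc_html($_GET['name']) . "</p>";
$wpdb->query("DELETE FROM {$wpdb->prefix}notes WHERE id = " . $_POST['id']);
$wpdb->query($wpdb->prepare("DELETE FROM {$wpdb->prefix}notes WHERE id = %d", $_POST['id']));
include plugin_dir_path(__FILE__) . $_GET['page'] . '.php';
wp_redirect($_GET['next']);
'''

def scan(php_source):
    """Return (line_number, category, code) for each suspicious line."""
    findings = []
    for n, line in enumerate(php_source.splitlines(), 1):
        code = line.strip()
        if code.startswith(("//", "#", "*")) or SAFE.search(code):
            continue  # skip comments and lines that sanitize their input
        for category, pattern in RULES.items():
            if re.search(pattern, code):
                findings.append((n, category, code))
    return findings

if __name__ == "__main__":
    for n, category, code in scan(SAMPLE):
        print(f"line {n}: {category}: {code}")
```

Line-based matching like this misses input that is first copied into a variable and flags nothing about CSRF, so its findings are starting points for manual review of the plugin code.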


About the author

Mazen Elzanaty
