WordPress xmlrpc.php: common vulnerabilities & how to exploit them

What is XML-RPC?

Common Vulnerabilities in XML-RPC

Brute-force attack

  1. This is what you originally see when you try to open the xmlrpc.php located at
    http://<targetWebSite.com>/<wordpress directory>/xmlrpc.php

Other attacks?
XSPA or simply port scanning!

  1. List all the methods and search for the following
    pingback.ping

+Bilal Rizwan
