• Intro
• WordPress Structure
• WordPress User Roles
• WordPress Core Version Enumeration
• Plugins and Themes Enumeration
• Directory Indexing
• User Enumeration
• Login
• WPScan Overview
• WPScan Enumeration
• Exploiting a Vulnerable Plugin
• Attacking WordPress Users
• Remote Code Execution (RCE) via the Theme Editor
• Attacking WordPress with Metasploit
• WordPress Hardening