Playground for WordPress hacking and wpscan testing.
DO NOT EXPOSE THIS TO INTERNET!
$ git clone https://github.com/vavkamil/dvwp.git
$ cd dvwp/
$ docker compose up -d --build
$ docker compose run --rm wp-cli install-wp
$ docker-compose up -d
$ docker-compose down
docker exec -ti dvwp-wordpress-1 /bin/bash
- http://YOUR-PRIVATE-IP:31337
- http://YOUR-PRIVATE-IP:31337/wp-login.php
- http://YOUR-PRIVATE-IP:31338/phpmyadmin/
- Wordpress: admin/admin
- MySQL: root/password
Feel free to contribute with pull requests ;)
-
InfiniteWP Client < 1.9.4.5 - Authentication Bypass
- CVE-2020-8772
-
WordPress File Upload < 4.13.0 - Directory Traversal to RCE
- CVE-2020-10564
-
WP Advanced Search < 3.3.4 - Unauthenticated Database Access and Remote Code Execution
- no CVE
-
Social Warfare <= 3.5.2 - Unauthenticated Arbitrary Settings Update
- CVE-2019-9978
-
Backup and Staging by WP Time Capsule < 1.21.16 - Authentication Bypass
- CVE-2020-8771
- NOT WORKING RIGHT NOW
- Directory listing
- display_errors
- info.php
- dump.sql
- adminer.php
- search-replace-db
- cross-domain
- Add versions and description to each vulnerability in README.md
- Upload docker image to Docker Hub registry
- Get rid of the Dockerfile
- Run wp-cli automatically during build
- Use "svn co" or "wp-cli" to download vulnerable plugins directly
- Add more vulnerable plugins/themes
- Update WP and php to latest
- Add vulnerable phpmyadmin?
- Add script to pull
access.log
anderror.log
from container