Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "WordPress Login Panel - Detect" module is designed to detect the presence of the WordPress login panel. It is a test case that can be used to identify if the login panel of a WordPress website is accessible. This module is authored by its0x08 and has an informative severity level.
This module does not have any direct impact on the website or its functionality. It is solely used for detection purposes and does not perform any actions that could potentially harm the website.
The "WordPress Login Panel - Detect" module works by sending a GET request to the "/wp-login.php" path of the target WordPress website. It then applies matching conditions to the response to determine if the login panel is present.
The matching conditions used in this module include:
- The presence of the string "WordPress</title>" in the response - The presence of the string "Log In</title>" in the response - The presence of the string "/wp-login.php?action=lostpassword\">Lost your password?</a>" in the response - The presence of the string "<form name=\"loginform\" id=\"loginform\" action=\"{{BaseURL}}/wp-login.php\" method=\"post\">" in the responseIf any of these conditions are met, the module will report that the WordPress login panel has been detected.