This tutorial is 100% for Education Purpose only. Any time the word “Hacking” that is used on this site shall be regarded as Ethical Hacking. Do not attempt to violate the law with anything contained here. If you planned to use the content for illegal purposes, then please leave this site immediately! We will not be responsible for any illegal actions.

By using WPScan we are able to scan vulnerabilities that the wordpress site has. Even better, if we use the API token by registering on https://wpvulndb.com/users/sign_up we can obtain even more vulnerabilities as shown below where we try to scan the vulnerabilities of https://pentest.id:

$ wpscan –url https://pentest.id –api-token token