We collect vulnerable WordPress plugins on a monthly basis and make them available to security researchers. The output is a vulnerable version of WordPress that can be easily installed. Security researchers can use this version for exploit development, Nuclei template development, practice, and training. Description in Farsi language
| D/M | Years | Name | Plugins | Vulns | Years | Name | Plugins | Vulns |
|---|---|---|---|---|---|---|---|---|
| January | 2023 | - | - | - | 2024 | Imadaddin Nasimi | 171 | 210 |
| February | 2023 | - | - | - | 2024 | Jushin Castle | 214 | 290 |
| March | 2023 | Arg of Tabriz | 199 | 202 | 2024 | Kandovan | 355 | 492 |
| April | 2023 | Rab'-e Rashidi | 263 | 324 | 2024* | Arasbaran | 202 | 267 |
| May | 2023 | Tabriz Fire Fighting Tower | 259 | 340 | 2024 | Leylan | 181 | 244 |
| June | 2023 | Maragheh observatory | 168 | 227 | 2024** | Turkish delight | 54 | 55 |
| July | 2023 | Lake Urmia | 142 | 179 | 2024 | Ash-e_doogh | 56 | 56 |
| August | 2023 | Sa'at Tower | 160 | 180 | 2024 | Museum of Ostad Bohtouni | 62 | 61 |
| September | 2023 | Constitution House of Tabriz | 172 | 206 | 2024 | Stone Tark Mosque | 53 | 51 |
| October | 2023 | Shah Goli | 273 | 317 | 2024 | Zahhak Castl | 59 | 57 |
| November | 2023 | Book of Dede Korkut | 288 | 350 | 2024 | Sahand | 82 | 82 |
| December | 2023 | Shahriar | 234 | 284 | 2024 | Bazaar of Tabriz (Final) | 73 | 72 |
*Considering the Wordfence bug bounty program and the increase in vulnerable plugins, from the April 2024 version onwards, only vulnerable plugins with a score of 6 and higher will be collected.
**Due to the commencement of new projects and the diminishing significance of vulnerabilities with a score lower than 7, vulnerabilities with a score of 7 and above will be collected and reported from this version onwards.
- This version includes vulnerable plugins, so please exercise caution when using it.
- Do not update the plugins.
- The plugins have been extracted based on reports from the wordfence.com.
- The plugins have not been activated due to the potential for disruption.
- It only includes plugins that are downloadable through the WordPress website.
- Vulnerabilities with a score of 7 and above are collected.
-
Download the file and extract it from the compressed format.
-
Create a database and a user for the database.
-
Run the installer.php file in your browser.
- Bitcoin : 1HPfpSES4kpuTgJDsbsxY3iMZWsxChcZm5
- Ethereum: 0xb59922b7b786d59c31B8180024dE34D3D7932fb4
- Tether usd : 0xb59922b7b786d59c31B8180024dE34D3D7932fb4
- BNB coin : bnb1ncm9ln8ywx8557v3d428w8z82hg97379w070e3
- Monero: 44XHPK7jDMcFiL44p6sez4KBmgXrPsgnQiiV8TiKv9yAeLDJQk9ZNmKWRgfSR8efeDGrN5v3MV1p46k3hT9J5zGR6vzDGFW
- Iranian