Information Disclosure - WordPress CMS

Summary :

CMS stands for ‘Content Management System’. It allows you to control and manage the content within your website without technical training.

Many websites now a days is using WordPress CMS because WordPress CMS is simple and easy to use. Now the common mistake done by the developers here is that they don’t restrict some of the endpoints which can lead to information disclosure of the admin users.

How to find this vulnerability ?

  1. Go to any website that uses wordpress CMS (You can identify website technologies using wappalyzer )

2. Right click on any image and click on view image

3. Now the following page will appear which will be having the URL :

4. Now edit the URL like

This is the most common vulnerability that is found in the websites using wordpress CMS. You can also check for which will leak IP address - (It rarely happens).

Thank You :)

Instagram : jerry._.3



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jerry Shah (Jerry)

|Penetration Tester| |Hack The Box| |Digital Forensics| |Malware Analysis|