WordPress is one of the most used Content Management Systems (CMS), if not the most used, in the world. A CMS is an application - usually a web application - that allows users to  create fully functional websites easily with no or little programming knowledge. WPScan is a vulnerability scanner specialized in detecting vulnerabilities in WordPress sites.

In this recipe, we will use WPScan to identify vulnerable components on a WordPress site installed in the OWASP BWA virtual machine.