Blog

Stay updated with the latest offensive security news, knowledge, and resources.

Latest Resources

Discovering wp-admin.php URLs in Wordpress With GravityForms

Apr 05, 2023 • Juan Pablo Gomez Postigo

Discovering wp-admin.php URLs in Wordpress With GravityForms

By targeting a specific endpoint and passing in a random string, GravityForms will prompt users to authenticate first. This results in the unauthenticated user being redirected to the obscured administrative login page for /wp-admin.

Web App Assessments

READ MORE

« 1 2 3 4 5 »

[data-sal|='fade'], [data-sal|='flip'], [data-sal|='slide'] [data-sal|='slide-up'], [data-sal|='zoom'] { opacity: 1; transform: none; }