Vulnerable WordPress August 2023 (Sa’at Tower)

Onhexgroup
2 min read · Nov 2, 2023


Today, vulnerabilities are being published in all kinds of software. If you’re a security researcher, you’re probably tempted to work on them: for example, to verify a vulnerability, write an exploit for it or, if possible, write a Nuclei template for it.
To do any of these things, you first need to create a lab environment for that vulnerability, and this might be the hardest step.
To make this easier for you, and to be able to do my own research, I created a vulnerable version of WordPress that is updated monthly.
Each month, the vulnerable version contains the vulnerable plugins that were published on the Wordfence.com website, limited to plugins that can be downloaded through WordPress.com.
This can be useful for those working in education, exploit developers, offensive/defensive tool developers, Nuclei template developers, etc.
This edition was published in August 2023 with the title “Sa’at Tower”.

Information about the installed version of WordPress:
List of the plugins
WordPress version: 6.3.1
Number of installed plugins (clean and vulnerable): 160
Number of vulnerabilities: 180
Adminuser: onhexgroup
Adminpass: yohRmPNtYKb96AZKbm
Hash Vulnerable WordPress August 2023.7z : 6E4716A39BE7373E01A9462F8B14A8CB157FDB1A42CB82A51B7619483D94BB09
Hash installer.php : 0AC5353119EEB0DF6E17C19859752EFFBD7AC3AF4479040BF100DBE791438597
Hash Vulnerable_WordPress_August_2023_77c6b7f9df00f2673508_20230903104127_archive.zip : 2D38D202E04832FDEE82775C3F76E6E2595874A2EA999B3FD81E2B2550E83E1D
Hash Vuln_plugins_August_2023.xlsx : 1FD7ADF7C1CFC3111984C71AF83C76ED7E440080EFE11151CB0FDD8373942794

Hints:
This version contains vulnerabilities, so be careful when using it.
Avoid updating plugins.
Plugins are extracted from Wordfence reports.
Plugins are only installed, not activated.
This list only includes plugins that are downloadable from WordPress.org.

Install:
Download the file and extract it.
Create a database and a database user.
Run installer.php in the browser.
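
Before running installer.php, the downloaded files can be checked against the hashes listed above. The script below is an added example, not part of the original post; it assumes the 64-hex-digit values are SHA-256 (the page does not name the algorithm), and the function names are hypothetical.

```python
"""Verify the lab downloads against the hashes published on this page.

Assumption: the page does not name the hash algorithm; the 64-hex-digit
values are treated as SHA-256.
"""
import hashlib
import sys
from pathlib import Path

# File names and hash values copied from the list above.
PUBLISHED = {
    "Vulnerable WordPress August 2023.7z":
        "6E4716A39BE7373E01A9462F8B14A8CB157FDB1A42CB82A51B7619483D94BB09",
    "installer.php":
        "0AC5353119EEB0DF6E17C19859752EFFBD7AC3AF4479040BF100DBE791438597",
    "Vulnerable_WordPress_August_2023_77c6b7f9df00f2673508_20230903104127_archive.zip":
        "2D38D202E04832FDEE82775C3F76E6E2595874A2EA999B3FD81E2B2550E83E1D",
    "Vuln_plugins_August_2023.xlsx":
        "1FD7ADF7C1CFC3111984C71AF83C76ED7E440080EFE11151CB0FDD8373942794",
}


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large archives are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_downloads(directory, manifest=PUBLISHED):
    """Return {file name: "ok" | "mismatch" | "missing"} per manifest entry."""
    results = {}
    for name, expected in manifest.items():
        path = Path(directory) / name
        if not path.is_file():
            results[name] = "missing"
        elif sha256_file(path) == expected.strip().lower():
            results[name] = "ok"
        else:
            results[name] = "mismatch"
    return results


if __name__ == "__main__":
    report = verify_downloads(sys.argv[1] if len(sys.argv) > 1 else ".")
    for name, status in report.items():
        print(f"{status:9} {name}")
    # Succeed only if at least one file matched and none mismatched.
    statuses = set(report.values())
    sys.exit(0 if "ok" in statuses and "mismatch" not in statuses else 1)
```

Pass the folder holding the downloaded or extracted files as the first argument; files that are not present in that folder are reported as missing rather than failing the check.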

Video: How to install on WAMP (Windows)

Video: How to install on Kali (Linux)

Donate:
Bitcoin: 1HPfpSES4kpuTgJDsbsxY3iMZWsxChcZm5
Ethereum: 0xb59922b7b786d59c31B8180024dE34D3D7932fb4
Tether usd: 0xb59922b7b786d59c31B8180024dE34D3D7932fb4
BNB coin: bnb1ncm9ln8ywx8557v3d428w8z82hg97379w070e3
Monero: 44XHPK7jDMcFiL44p6sez4KBmgXrPsgnQiiV8TiKv9yAeLDJQk9ZNmKWRgfSR8efeDGrN5v3MV1p46k3hT9J5zGR6vzDGFW