Just found this wordpress penetration-testing tool – looks pretty handy, especially since it seems to have some follow-up tools to do stuff once you’ve gained access. Another one for the testing arsenal!

How-to guide by DoxSec here: https://doxsec.wordpress.com/2017/04/13/wpforce-wordpress-attack-suite/

and a youtube vid demoing it too..

https://youtu.be/ScZg5kJET5E