You can use tools like the WPScan Vulnerability Database or Tenable Nessus to identify these specific flaws in older installations.

WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.31)
While major SQL injection holes in WordPress core are rare, version 4.1.31 suffers from a specific mishandling of comment feeding and taxonomy queries. The vulnerability resides in how WP_Query generates SQL clauses for meta queries.
Within minutes, sqlmap dumps the admin hashes. These are cracked via John the Ripper (using a rock-you dictionary), revealing "Password123!".