So you have found an installation of wordpress on your vulnerable virtual machine. What next?
In your browser copy the address of the wordpress installation.
At the terminal in Kali type the following:
wpscan --url http://172.16.195.202/wordpress/ --enumerate
Replace the URL with the URL of the vulnerable wordpress installation.
Once the scan has been completed you will be presented with a list of vulnerabilities with that installation of word press.
It is possible that this scan will return a list of usernames – you can then utilise these usernames to perform a brute force attack against the login.
If for example one of the usernames is ‘admin’:
wpscan --url http://172.16.195.202/wordpress/ --wordlist /usr/share/wordlist/rockyou.txt --user admin
If at first you don’t succeed you can run the above command again with progressively larger wordlists.
Once access has been granted it might be possible to upload a php shell and set a reverse listener on Kali. Article to be developed.