Find WordPress > * > Login form Pages

Finds WordPress login pages indexed by Google that expose the wp-login.php authentication endpoint.

Intermediate

Use with caution

vulnerability

Google Dork Query:

intitle:"WordPress > * > Login form" inurl:"wp-login.php

Not verified

What It Does

This dork uses 'intitle:' to match the WordPress login page title pattern and 'inurl:wp-login.php' to target the standard WordPress authentication URL. It reveals WordPress installations where the login page is publicly indexed, which can be targeted for brute-force or credential stuffing attacks.

Common Use Cases

WordPress Security Audit: Identify WordPress sites with publicly indexed login pages that should be protected with login URL changes or CAPTCHA.
Brute-Force Target Assessment: During authorized pentests, locate WordPress login endpoints to test password policies and lockout mechanisms.
CMS Inventory: Discover all WordPress installations across an organization's web properties for centralized security management.

How to Use Safely

Run the dork in Google to find indexed WordPress login pages.
Check if the login page has protections like CAPTCHA, rate limiting, or two-factor authentication.
Identify the WordPress version from the page source or meta tags.
Recommend hiding the login URL, adding fail2ban, and enabling two-factor authentication.

Responsible Use Required

This dork should only be used on systems you own or have explicit authorization to test. Unauthorized access to computer systems is illegal. Always follow ethical guidelines and obtain proper permission before testing.

Related Dorks

Google Dork: Phorum Admin" "Database Connection"...

Locates exposed Phorum forum admin panels that may allow unauthorized access to administrative interfaces or sensitive system configurations.

Find "Ethernet Pages

Identifies ethernet pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

Find index.of. Pages

Finds PhpCollab and NetOffice project management login pages and directory listings exposing collaboration platforms.

Back to Library

Find WordPress > * > Login form Pages

Finds WordPress login pages indexed by Google that expose the wp-login.php authentication endpoint.

Intermediate

Use with caution

vulnerability

Google Dork Query:

intitle:"WordPress > * > Login form" inurl:"wp-login.php

Not verified

What It Does

Common Use Cases

WordPress Security Audit: Identify WordPress sites with publicly indexed login pages that should be protected with login URL changes or CAPTCHA.
Brute-Force Target Assessment: During authorized pentests, locate WordPress login endpoints to test password policies and lockout mechanisms.
CMS Inventory: Discover all WordPress installations across an organization's web properties for centralized security management.

How to Use Safely

Run the dork in Google to find indexed WordPress login pages.
Check if the login page has protections like CAPTCHA, rate limiting, or two-factor authentication.
Identify the WordPress version from the page source or meta tags.
Recommend hiding the login URL, adding fail2ban, and enabling two-factor authentication.

Responsible Use Required

Related Dorks

Google Dork: Phorum Admin" "Database Connection"...

Locates exposed Phorum forum admin panels that may allow unauthorized access to administrative interfaces or sensitive system configurations.

Find "Ethernet Pages

Identifies ethernet pages that may contain security misconfigurations or vulnerabilities exploitable during authorized security assessments.

Find index.of. Pages

Finds PhpCollab and NetOffice project management login pages and directory listings exposing collaboration platforms.

Find WordPress > * > Login form Pages

What It Does

Common Use Cases

How to Use Safely

Responsible Use Required

TAGS

Related Dorks

Find WordPress > * > Login form Pages

What It Does

Common Use Cases

How to Use Safely

Responsible Use Required

TAGS

Related Dorks