[dschiffner]

his admin creds were probably

admin / abcd123!

[waynesonfire]

Guessing passwords? You don't even have to try that hard. Have you seen the list of WordPress CVEs?

Here is one just from January of this year,

https://www.debian.org/security/2022/dsa-5039

"Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to perform SQL injection, run unchecked SQL queries, bypass hardening, or perform Cross-Site Scripting (XSS) attacks."

[dschiffner]

Sure have! Mentioning the admin creds were more so tongue in cheek because there are a lot of folks who use the default 'admin' username.