Vulnerabilities in WordPress can be uncovered by the WPScan utility, which comes installed by default in Kali Linux. It's also a great tool for gathering general reconnaissance information about a website that's running WordPress.
This is a companion discussion topic for the original entry at https://linuxconfig.org/use-wpscan-to-scan-wordpress-for-vulnerabilities-on-kali