🔥 3-day streak
CompTIA PenTest+ (PT0-003)169 / 175
Question 169 of 175

During an authorized web application assessment, you identify a WordPress site running a plugin that matches a known RCE CVE. You load the corresponding Metasploit exploit module and want to safely determine whether the target is actually vulnerable before firing the exploit, minimizing the chance of crashing the production service. What is the most appropriate next step?

Reviewed for accuracy · Report an issueNext question