WPScan is a tool for scanning WordPress sites. This can be used to find vulnerabilities within a WordPress site.
For the purpose of this I'll be using an instance of WAMPServer to scan against.
wpscan --url http://<mySite> --enumerate u
This will scan the url and attempt to enumerate users of the server. After discovering the users you can use that information to attempt to crack their passwords.