An exploit is when the attacker takes advantage of a security vulnerability in order to cause unintended behavior of the software. Therefore as an example, in case of WordPress, when an attacker takes advantage of an SQL Injection vulnerability to read or modify data in the WordPress database, such as changing the users’ passwords, the attacker is exploiting the SQL injection vulnerability.