I wonder if this could be useful for penetration testing, considering the ease of setting up different plugin combinations on different PHP and Wordpress versions? Or stack used to run it is way more different from real one?