Dimitrios Tsagkarakis - Security Researcher - Exploit Intelligence Platform

CVE-2017-9603 EXPLOITDB HIGH text WORKING POC

WP Jobs < 1.4 - Authenticated SQL Injection via jobid Parameter

SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php.

CVSS 8.8

View Code

CVE-2017-9418 EXPLOITDB HIGH text WORKING POC

WP-Testimonials 3.4.1 - SQL Injection

SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php.

CVSS 8.8

View Code

CVE-2017-9429 EXPLOITDB HIGH text WRITEUP

WordPress Event List <0.7.8 - SQL Injection

SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php.

CVSS 8.8

View Code