Dimitrios Tsagkarakis - Security Researcher - Exploit Intelligence Platform

CVE-2017-9603 EXPLOITDB HIGH text WORKING POC

WP Jobs <1.5 - SQL Injection

SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php.

CVSS 8.8

View Code

CVE-2017-9418 EXPLOITDB HIGH text WORKING POC

WP-Testimonials 3.4.1 - SQL Injection

SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php.

CVSS 8.8

View Code

CVE-2017-9429 EXPLOITDB HIGH text WRITEUP

WordPress Event List <0.7.8 - SQL Injection

SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php.

CVSS 8.8

View Code