NOMISEC-RandomRobbieBF/CVE-2025-54726

NOMISEC WORKING POC

Exploit for CVE-2025-54726 - Miguel Useche JS Archive List - SQL Injection

AI Analysis

The repository contains a functional proof-of-concept for CVE-2025-54726, demonstrating an unauthenticated SQL injection vulnerability in the JS Archive List WordPress plugin (versions up to 6.1.5). The PoC uses Ghauri to exploit boolean-based and time-based blind SQL injection via the 'cats' parameter.

Attack Type

SQLi

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type poc

Files 1

https://github.com/RandomRobbieBF/CVE-2025-54726

Stars 0

Forks 0

Last Push Sep 25, 2025

Authors

RandomRobbieBF r0oth3x49

Vulnerability

CVE-2025-54726

Miguel Useche JS Archive List - SQL Injection

CRITICAL

CVSS 9.3