CVE-2021-25076

This exploit demonstrates an authenticated SQL injection vulnerability in WordPress Plugin WP User Frontend versions before 3.5.25. It authenticates to WordPress and then uses sqlmap to exploit the unsanitized 'status' parameter in the Subscribers dashboard.

This repository contains a functional exploit for CVE-2021-25076, an SQL injection vulnerability in the WP User Frontend WordPress plugin. The exploit authenticates to WordPress and uses sqlmap to exploit the vulnerability via the 'status' parameter in the Subscribers dashboard.

This repository contains a functional exploit for CVE-2021-25076, an SQL injection vulnerability in the WP User Frontend WordPress plugin before 3.5.26. The exploit authenticates to WordPress and uses sqlmap to exploit the vulnerability via the 'status' parameter in the Subscribers dashboard.

This repository contains a functional exploit for CVE-2021-25076, an SQL injection vulnerability in the WP User Frontend WordPress plugin. The exploit authenticates to WordPress and generates a payload for sqlmap to exploit the vulnerable 'status' parameter in the Subscribers dashboard.

This repository contains a functional exploit for CVE-2021-25076, an SQL injection vulnerability in the WordPress Plugin WP User Frontend < 3.5.26. The exploit authenticates to WordPress and uses sqlmap to exploit the vulnerability via the 'status' parameter in the Subscribers dashboard.