EIP-2026-104791
PRE-CVEWordPress Plugin Polls 1.2.4 - SQL Injection (PoC)
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-104791. PoCs published by Manish Tanwar.
AI-analyzed exploit summary The exploit demonstrates a SQL injection vulnerability in the WordPress Polls plugin (version <=1.2.4) via the 'question_id' parameter in an HTTP POST request. The payload extracts database metadata, including table names and column names, from the information_schema.columns table.
Description
WordPress Plugin Polls 1.2.4 - SQL Injection (PoC)
Exploits (1)
The exploit demonstrates a SQL injection vulnerability in the WordPress Polls plugin (version <=1.2.4) via the 'question_id' parameter in an HTTP POST request. The payload extracts database metadata, including table names and column names, from the information_schema.columns table.