EIP-2026-113792

PRE-CVE

WordPress Plugin Glossary - SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113792. PoCs published by longrifle0x.

AI-analyzed exploit summary The exploit demonstrates a SQL injection vulnerability in the WordPress WP Glossary plugin via the 'id' parameter in ajax.php. It includes example payloads for extracting database information such as user privileges and MySQL version.

Description

WordPress Plugin Glossary - SQL Injection

Exploits (1)

exploitdb WORKING POC

by longrifle0x · textwebappsphp

https://www.exploit-db.com/exploits/18055

View Code ZIP pw:eip

The exploit demonstrates a SQL injection vulnerability in the WordPress WP Glossary plugin via the 'id' parameter in ajax.php. It includes example payloads for extracting database information such as user privileges and MySQL version.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: WordPress WP Glossary plugin (version not specified)

No auth needed

Prerequisites: WordPress installation with WP Glossary plugin active

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026