EIP-2026-113934

PRE-CVE

WordPress Plugin Ocim MP3 - SQL Injection

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113934. PoCs published by xevil & Blankon33.

AI-analyzed exploit summary The exploit demonstrates a SQL injection vulnerability in the Ocim MP3 Plugin for WordPress. The proof of concept shows how an attacker can inject malicious SQL queries via the 'id' parameter in the 'pages.php' file.

Description

WordPress Plugin Ocim MP3 - SQL Injection

Exploits (1)

exploitdb WORKING POC VERIFIED
by xevil & Blankon33 · textwebappsphp
https://www.exploit-db.com/exploits/39498

The exploit demonstrates a SQL injection vulnerability in the Ocim MP3 Plugin for WordPress. The proof of concept shows how an attacker can inject malicious SQL queries via the 'id' parameter in the 'pages.php' file.

Classification
Working Poc 80%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Ocim MP3 Plugin for WordPress
No auth needed
Prerequisites: WordPress installation with Ocim MP3 Plugin
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026