EIP-2026-113984

PRE-CVE

WordPress Plugin Pretty Link Lite 1.4.56 - Multiple SQL Injections

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113984. PoCs published by MaKyOtOx.

AI-analyzed exploit summary The exploit demonstrates SQL injection vulnerabilities in the Pretty Link Lite WordPress plugin by injecting SQL queries via the 'group' and 'l' parameters. It retrieves the database version as a proof of concept.

Description

WordPress Plugin Pretty Link Lite 1.4.56 - Multiple SQL Injections

Exploits (1)

exploitdb WORKING POC VERIFIED

by MaKyOtOx · textwebappsphp

https://www.exploit-db.com/exploits/35893

View Code ZIP pw:eip

The exploit demonstrates SQL injection vulnerabilities in the Pretty Link Lite WordPress plugin by injecting SQL queries via the 'group' and 'l' parameters. It retrieves the database version as a proof of concept.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Pretty Link Lite WordPress plugin 1.4.56

Auth required

Prerequisites: Access to the WordPress admin interface · Pretty Link Lite plugin installed and activated

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026