EIP-2026-114251
PRE-CVEWordPress Plugin WP-Filebase Download Manager 0.2.9 - SQL Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-114251. PoCs published by Miroslav Stampar.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in the WordPress WP-Filebase Download Manager plugin. The PoC uses a time-based blind SQL injection via the 'base' parameter in the 'tree' action to trigger a delay, confirming the vulnerability.
Description
WordPress Plugin WP-Filebase Download Manager 0.2.9 - SQL Injection
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Miroslav Stampar · textwebappsphp
https://www.exploit-db.com/exploits/17808
This exploit demonstrates a SQL injection vulnerability in the WordPress WP-Filebase Download Manager plugin. The PoC uses a time-based blind SQL injection via the 'base' parameter in the 'tree' action to trigger a delay, confirming the vulnerability.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
WordPress WP-Filebase Download Manager plugin <= 0.2.9
No auth needed
Prerequisites:
Access to the vulnerable WordPress plugin endpoint
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026