EIP-2026-114316

PRE-CVE

WordPress Theme CStar Design - 'id' SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114316. PoCs published by Amirh03in.

AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in the CStar Design theme for WordPress, specifically in the flashmoXML.php file. It lacks executable exploit code but outlines the vulnerability and attack vector.

Description

WordPress Theme CStar Design - 'id' SQL Injection

Exploits (1)

exploitdb WRITEUP VERIFIED

by Amirh03in · textwebappsphp

https://www.exploit-db.com/exploits/38064

View Code ZIP pw:eip

The provided text describes an SQL injection vulnerability in the CStar Design theme for WordPress, specifically in the flashmoXML.php file. It lacks executable exploit code but outlines the vulnerability and attack vector.

Classification

Writeup 80%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: CStar Design theme for WordPress (version unspecified)

No auth needed

Prerequisites: Access to the vulnerable WordPress theme endpoint

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026