Exploits / Vulnerability Discovered : 2022-01-13 |
Type : webapps |
Platform : php
This exploit / vulnerability Wordpress core 5.8.2 wp_query sql injection is for educational purposes only and if it is used you will do on your own risk!
#This vulnerability allows remote attackers to disclose sensitive information on affected installations of WordPress Core,
#Authentication is not required to exploit this vulnerability, The specific flaw exists within the WP_Query class,
#The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries,
#An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.