## https://sploitus.com/exploit?id=3180BFB0-0F40-5385-85C0-5C4018356A9E
# WordPress CVE 2024-1071 SQL Exploit
![1713786351923](https://github.com/user-attachments/assets/de7291a9-c833-48f1-9690-6dc59ff624b6)
## This exploit, which runs on WordPress versions 2.1.3 to 2.8.2, allows unauthenticated attackers to add additional SQL queries to existing queries that can be used to pull sensitive information from the database.
#### Dork: body="/wp-content/plugins/ultimate-member"
## 1)
- git clone https://github.com/Dogu589/WordPress-Exploit-CVE-2024-1071.git
- cd WordPress-Exploit-CVE-2024-1071
## 2)
python3 WordPressExploit.py -f target.txt
# CVE
https://nvd.nist.gov/vuln/detail/CVE-2024-1071