## https://sploitus.com/exploit?id=BDE83946-08BB-5139-85E0-E0A0255FFCC8
# WordPress-Quiz-Maker-SQLi-Exploit-CVE-2025-10042-
This Python script is an exploit for a Time-based Blind SQL Injection vulnerability in the WordPress Quiz Maker plugin (versions <= 6.7.0.56). The vulnerability (CVE-2025-10042) exists due to improper sanitization of the X-Forwarded-For HTTP header.
An attacker can leverage this vulnerability to extract sensitive information from the WordPress database, including administrative usernames, emails, and password hashes.
Features
Vulnerability Checking: Verify if a target URL is susceptible to the injection.
Automated Dumping: Extract administrative user credentials (Username, Email, Password Hash).
Custom Query Support: Execute and extract results from custom SQL queries.
Binary Search Optimization: Uses a binary search algorithm to speed up data extraction through time-based delays.
🕷Installation
Clone the repository:
git clone https://github.com/YourUsername/CVE-2025-10042-Exploit.git
cd CVE-2025-10042-Exploit
Install dependencies:
pip install requests
Usage
1. Basic Check
To check if a target is vulnerable:
python3 exploit.py -u http://example.com -p /quiz-page/ --check
2. Dump Admin Credentials
To extract the admin user data from the wp_users table:
python3 exploit.py -u http://example.com -p /quiz-page/ --dump
3. Custom Query
To run a specific SQL query:
python3 exploit.py -u http://example.com -p /quiz-page/ --query "SELECT @@version"
Technical Details
CVE: CVE-2025-10042
Injection Point: X-Forwarded-For Header
Method: Time-based Blind SQLi using SLEEP() and IF() statements
Tested on: WordPress 6.x with Quiz Maker 6.7.0.56
Disclaimer
Warning: This tool is for educational purposes and authorized security testing only. Running this against targets without prior written consent is illegal. The author is not responsible for any misuse of this tool.