POC详情: 699ab89db4da2771adf8b199513d642843debfe6

来源
https://github.com/wiseep/CVE-2025-5287
关联漏洞
标题: WordPress plugin Likes and Dislikes Plugin SQL注入漏洞 (CVE-2025-5287)
描述:WordPress和WordPress plugin都是WordPress基金会的产品。WordPress是一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是一个应用插件。 WordPress plugin Likes and Dislikes Plugin 1.0.0版本存在SQL注入漏洞,该漏洞源于post参数清理不足,可能导致SQL注入。
描述
Wordpress likes and dislikes add-on - SQL Injection
介绍
**Description:**

It is an exploit code that works for multiple urls and multi thread for Unauth Sql Injection on Wp plugin with CVE-2025-5287


**Example usage:**

usage: CVE-2025-5287.py [-h] --file FILE [--fudge FUDGE] [--timeout TIMEOUT] [--threads THREADS] [--proxy PROXY]

Time-Based SQLi Checker (Clean, Threaded, Proxy-Support)

**Optional arguments:**

 **-h, --help**        show this help message and exit

  **--file FILE**       File with base URLs (e.g. http://example.com)
  
  **--fudge FUDGE**    Extra time allowance for delay detection
  
  **--timeout TIMEOUT**  Request timeout in seconds
  
  **--threads THREADS**  Number of concurrent threads
  
  **--proxy PROXY**      Proxy to use (e.g. 5.5.5.5:8080)
文件快照

 [4.0K]  /data/pocs/699ab89db4da2771adf8b199513d642843debfe6
├── [3.0K]  CVE-2025-5287.py
└── [ 733]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。