CVE-2017-9418
CVE-2017-9418 is a SQL injection vulnerability in the WordPress WP-Testimonials plugin version 3.4.1. An authenticated user can exploit the testid parameter in wp-admin/admin.php to execute arbitrary SQL commands. Public PoCs and exploits demonstrate union-based payloads and version disclosure, i...