Skip to content

fumioryoto/Quiz-Maker-SQL-Injection-CVE-2025-10042

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
exploit.py
exploit.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

WordPress Quiz Maker SQL Injection Exploit (CVE-2025-10042)

⚠️ Warning: This repository contains a proof-of-concept exploit for a SQL Injection vulnerability in WordPress Quiz Maker plugin version ≤ 6.7.0.56. Use only on systems you own or have explicit permission to test. Unauthorized use is illegal and unethical.

🚨 Description

This script exploits an SQL Injection vulnerability in WordPress Quiz Maker plugin (≤ 6.7.0.56) by injecting payloads via an HTTP header (default: X-Forwarded-For). The exploit uses time-based blind SQL injection to extract:

Admin username

Admin email

Password hash

It also supports custom SQL queries.

🧰 Requirements

Python 3.x

requests library

Install dependencies:

pip install requests

📁 Files

exploit.py — Main exploit script

README.md — This documentation

⚙️ Setup

Clone the repository:

git clone https://github.com/yourusername/quiz-maker-sqli.git
cd quiz-maker-sqli

Install dependencies:

pip install -r requirements.txt

If you don't have requirements.txt, install manually:

pip install requests

🧪 Usage 🔍 1. Check Vulnerability Example:

python3 exploit.py -u https://example.com -p /quiz/ --check

🧨 2. Dump Admin Credentials Example:

python3 exploit.py -u https://example.com -p /quiz/ --dump

🧩 3. Custom SQL Query Extraction python exploit.py -u https://target.com -p /quiz-page/ --query "SELECT database()"

Example:

python3 exploit.py -u https://example.com -p /quiz/ --query "SELECT user_login FROM wp_users WHERE ID=1"

🔧 Optional Arguments Argument Description -H, --header Header to inject (default: X-Forwarded-For) -t, --timeout Request timeout in seconds (default: 10) 🧠 How It Works

The script uses a time-based blind SQL injection:

Sends baseline request

Sends injection with SLEEP(3)

Measures response delay

If response delay matches, it confirms vulnerability

Uses binary search to extract data character-by-character

🛡️ Mitigation

If you are a website owner or admin:

Update Quiz Maker plugin to latest version

Restrict access to headers

Use WAF rules to block SQL injection attempts

📌 Disclaimer

This project is for educational purposes only. The author is not responsible for any misuse or damage caused by this tool.

About

This script exploits an SQL Injection vulnerability in WordPress Quiz Maker plugin (≤ 6.7.0.56) by injecting payloads via an HTTP header (default: X-Forwarded-For).

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages