The examapp plugin 1.0 for WordPress has SQL injection via the wp-admin/admin.php?page=examapp_UserResult id parameter.Referenceshttps://www.exploit-db.com/exploits/42351
