## https://sploitus.com/exploit?id=WPEX-ID:8E5EC88E-0E66-44E4-BBF2-74155D849EDE
Setup (As admin)
- To simulate a gadget chain, put the following code in a plugin:
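```php
// Stand-in for a real gadget: __wakeup() is called automatically
// by PHP whenever an Evil object is unserialized.
class Evil {
    public function __wakeup() : void {
        // Halts the request with a visible marker proving the object was instantiated.
        die("Arbitrary deserialization");
    }
}
```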
- Activate the plugin, access the Custom Fields Menu and create a simple Field Group
Attack (as a contributor)
- Create a new post with dummy content, fill in the plugin's text field at the bottom of the screen with `O:4:"Evil":0:{}`, then save the draft
- Reload the page and click "x revisions"; this triggers the PHP Object Injection
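For the defensive side, the following added example (not the plugin's code and not part of the original PoC) contrasts a plain `unserialize()` call with one restricted by `allowed_classes => false`, using the payload from the steps above. The plugin's actual sink is not shown on this page, so `decode_field_value()` and `contains_object()` are hypothetical helpers, and this `Evil` variant records a flag instead of calling `die()` so both paths can be compared in one run.

```php
<?php
// Added example. Variant of the page's Evil class that records the call
// instead of terminating the request (assumption made for this demo).
class Evil {
    public static bool $woke = false;
    public function __wakeup(): void {
        self::$woke = true; // runs automatically when an Evil object is unserialized
    }
}

// Hypothetical helper: true if the decoded value holds an object at any depth.
function contains_object($value): bool {
    if (is_object($value)) {
        return true;
    }
    if (is_array($value)) {
        foreach ($value as $item) {
            if (contains_object($item)) {
                return true;
            }
        }
    }
    return false;
}

// Hypothetical helper: decode a stored field value without instantiating classes.
function decode_field_value(string $raw) {
    // allowed_classes => false maps every serialized object to
    // __PHP_Incomplete_Class, so no magic method of a real class is invoked.
    $value = @unserialize($raw, ['allowed_classes' => false]);
    if ($value === false && $raw !== 'b:0;') {
        return $raw; // not serialized data: keep it as plain text
    }
    // Field values have no reason to carry objects; refuse them outright.
    return contains_object($value) ? null : $value;
}

$payload = 'O:4:"Evil":0:{}'; // payload from the steps above

unserialize($payload);               // unrestricted call: instantiates Evil
var_dump(Evil::$woke);               // flag after the unrestricted call

Evil::$woke = false;
var_dump(decode_field_value($payload));                 // object payload
var_dump(Evil::$woke);                                  // flag after the restricted call
var_dump(decode_field_value('a:1:{s:1:"k";s:1:"v";}')); // scalar-only array
var_dump(decode_field_value('plain text'));             // ordinary field text
```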