Share
## https://sploitus.com/exploit?id=WPEX-ID:C0CC513E-C306-4920-9AFB-E33D95A7292F
1. Create a new Post as a Contributor user.
2. Add the "Simple Author Box" block.
3. Intercept the request to `/wp-admin/admin-ajax.php` upon addition of the block. Change the `author_ID` parameter to an ID of a user of your choosing.
4. Inspect the response to see all of the information about that user, including the hashed password.