EIP-2026-111357

This exploit demonstrates a Cross-Site Request Forgery (CSRF) vulnerability in Pluck CMS 4.7.3, allowing an attacker to create a malicious HTML form that adds a new page with arbitrary content when visited by an authenticated admin.