EIP-2026-113680
PRE-CVEWordPress Plugin Developer Formatter - Cross-Site Request Forgery
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113680. PoCs published by Junaid Hussain.
AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in the WordPress Developer Formatter plugin, allowing an attacker to submit malicious input via a crafted HTML form. The vulnerable parameters 'copyclipboartext' and 'devfmtcss' are susceptible to persistent XSS, enabling actions like cookie theft or malware distribution.
Description
WordPress Plugin Developer Formatter - Cross-Site Request Forgery
Exploits (1)
This exploit demonstrates a CSRF vulnerability in the WordPress Developer Formatter plugin, allowing an attacker to submit malicious input via a crafted HTML form. The vulnerable parameters 'copyclipboartext' and 'devfmtcss' are susceptible to persistent XSS, enabling actions like cookie theft or malware distribution.