XposedAPI – Offsec Proving Ground Writeup

XposedAPI This is one box where I found the official walkthrough a little bit ambiguous after I finished it. The guesswork on the request method to trigger the payload is too much guesswork (maybe just for me :D). So I present my own write-up to clear things up a…

WordPress 5.7.2 Classic Editor Potential XSS Vulnerability

I was doing a write-up of XposedAPI from Offsec Proving Ground, where I pasted some source code gathered during the process, and the code contains JavaScript. The code is kind of like this (I have to manually replace < with &gt, otherwise it executes…). &ltscript> function restart(){ if(confirm("Do you really want to restart the app?")){…