How to obtain "wp_rest" nonce for WP Statistics plugin manually?
During my pentest of a client’s websites I stumbled upon the WP with vulnerable WP Statistics plugin installed.
To exploit this vulnerability, I should send a JSON-API request to endpoint /json-api/wp-statistics/v2/…. The problem is I mu… Continue reading How to obtain "wp_rest" nonce for WP Statistics plugin manually?