endangcamon/CVE-2026-7465-POC — reverse-engineered prompt
Reverse engineered prompt
Build me a small Python proof of concept tool for authorized testing of CVE-2026-7465 in the Spectra Gutenberg Blocks plugin for WordPress.
I want to give it a WordPress site URL and contributor-level login, then have it safely check whether the site looks vulnerable to the block attribute issue described in the README. Please keep it defensive and harmless. It should not create admin users, run system commands, upload shells, or damage anything. If it needs to make a test post, make it clearly named, private or draft if possible, easy to clean up, and only use a harmless marker to confirm behavior.
Make the script friendly for a lightly technical user, with clear prompts, command-line options, useful error messages, and a final result that says vulnerable, not vulnerable, or inconclusive. Include setup instructions in the README and comments in the code. Look up current WordPress API docs online if you need to.