# Exploit Title: WordPress Plugin TaxoPress 18.104.22.168 - Stored Cross-Site Scripting (XSS) (Authenticated)
# Exploit Author: Akash Rajendra Patil
# Vendor Homepage:
# Software Link: https://wordpress.org/plugins/simple-tags/
# Tested on Windows
# CVE: CVE-2021-24444
# Reference: https://wpscan.com/vulnerability/a31321fe-adc6-4480-a220-35aedca52b8b
How to reproduce vulnerability:
1. Install Latest WordPress
2. Install and activate TaxoPress Version 22.214.171.124
3. Navigate to Add Table >> add the payload into 'Table Name & Descriptions'
and enter the data into the user input field.
"><img src=x onerror=confirm(docment.domain)>
5. You will observe that the payload successfully got stored into the
database and when you are triggering the same functionality in that