# Exploit Title: WordPress Plugin Smart Slider-3 - 'name' Stored Cross-Site Scripting (XSS)  
# Exploit Author: Hardik Solanki  
# Date: 05/06/2021  
# Software Link:  
# Version:  
# Tested on Windows  
*How to reproduce vulnerability:*  
1. Install WordPress 5.7.2  
2. Install and activate the "*Smart Slider 3" Version* plugin  
3. Navigate to "*Dashboard* and create a "*New Project*".  
4. Enter the JavaScript payload "*<script>alert(document.cookie)</script>*" into the "*Name*" field.  
5. You will observe that the Project has been created with malicious  
JavaScript payload "<script>alert(document.cookie)</script>" and hence  
project has been* created/stored* and thus JavaScript payload is executing  
1: Steal the cookie  
2: User redirection to a malicious website