# Exploit Title: WordPress Plugin TaxoPress 188.8.131.52 - Stored Cross-Site Scripting (XSS) (Authenticated)
# Date: 23-10-2021
# Exploit Author: Akash Rajendra Patil
# Vendor Homepage:
# Software Link: https://wordpress.org/plugins/simple-tags/
# Tested on Windows
# CVE: CVE-2021-24444
# Reference: https://wpscan.com/vulnerability/a31321fe-adc6-4480-a220-35aedca52b8b
How to reproduce vulnerability:
1. Install Latest WordPress
2. Install and activate TaxoPress Version 184.108.40.206
3. Navigate to Add Table >> add the payload into 'Table Name & Descriptions'
and enter the data into the user input field.
"><img src=x onerror=confirm(docment.domain)>
5. You will observe that the payload successfully got stored into the
database and when you are triggering the same functionality in that