Share
## https://sploitus.com/exploit?id=PACKETSTORM:171663
# Exploit Title: WordPress Plugin Accessibility Help Button โ€“ Stored  
Cross Site Scripting.  
# Date: 2-04-2023  
# Exploit Author: Taliya Bilal- NightHawk  
# Vendor Homepage: https://wordpress.com/plugins/accessibility-help-button  
# Version: 1.1  
# Tested on: Firefox  
# Contact me: taliyabilal765@gmail.com  
  
# Steps to reproduce:  
1. Install Accessibility Help Button WordPress plugin and activate.  
2. Go to Options and on Button Text input field inject XSS payload  
<script>alert('XSS')</script>  
3. Fill out the whole form and click the save button below.  
3. XSS will trigger.  
  
#Screenshot:https://freeimage.host/i/HOBXWqg