Exploit for Social Pixel <= 2.1 - Admin+ Stored XSS CVE-2024-4005

Name: Exploit for Social Pixel <= 2.1 - Admin+ Stored XSS CVE-2024-4005
Rating: 5 (40 reviews)

2024-05-24 | CVSS 5.6

## https://sploitus.com/exploit?id=WPEX-ID:02CA09F8-4080-4969-992D-0E6AFB29BC62
1. Go to: https://example.com/wp-admin/options-general.php?page=social-pixel
2. Under "Facebook" add the payload `'); alert(2); console.log('blah` for the "Identificador".
3. Click the checkbox next to "Activación"
4. Save the settings and view the site to see the XSS