Exploit for WP Comments Fields < 4.1 - Admin+ Stored Cross-Site Scripting CVE-2022-2398

Name: Exploit for WP Comments Fields < 4.1 - Admin+ Stored Cross-Site Scripting CVE-2022-2398
Rating: 5 (90 reviews)

2022-07-14 | CVSS 0.2

## https://sploitus.com/exploit?id=WPEX-ID:0A218789-9A78-49CA-B919-FA61D33D5672
Create/edit a Comment Fields (Comments > Comment Fields) and put the following payload in the Error Message setting: "autofocus onfocus=alert(/XSS/)//

The XSS will be triggered in any post