Exploit for Event Geek <= 2.5.2 - Stored Cross-site Scripting (XSS) CVE-2021-24480

Name: Exploit for Event Geek <= 2.5.2 - Stored Cross-site Scripting (XSS) CVE-2021-24480
Rating: 5 (87 reviews)

2021-06-28 | CVSS 3.5

## https://sploitus.com/exploit?id=WPEX-ID:243D417A-6FB9-4E17-9E12-A8C605F9AF8A
As admin, put the following payload in the "Use your own theme (enter URL):" option (wp-admin/edit.php?post_type=gg_events&page=gg_event_menu) of the plugin: "><script>alert(/XSS/)</script>