Exploit for Visual Composer Website Builder < 45.0.1 - Authenticated Stored XSS via Title CVE-2022-2516

Name: Exploit for Visual Composer Website Builder < 45.0.1 - Authenticated Stored XSS via Title CVE-2022-2516
Rating: 5 (98 reviews)

2022-08-29 | CVSS 0.8

## https://sploitus.com/exploit?id=WPEX-ID:287BDD2E-2B0A-4276-B44F-77DDA5F3E227
Create a post using the plugin editor and add the following payload in the Title: "><svg/onload=alert(/XSS/)>

The XSS will be triggered when editing the post again