## https://sploitus.com/exploit?id=WPEX-ID:3B01044B-355F-40D3-8E11-23A890F98C76
1. Create a new post with two more headings.
2. Go to the plugin's settings and change the "ez-toc-settings[heading_text_tag]" field to malicious JS code (eval() etc.), for example "img src=x onerror=alert(1)".
3. Save Settings.

Note: admins and editors are allowed to use JS in posts/pages/comments/etc., so the unfiltered_html capability should be disallowed when testing for Stored XSS using such roles.
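The mitigation for a tag-name setting like `heading_text_tag`, as an added example that is not the plugin's own code: validate the value against an allowlist on save and again at render time. The function names, the allowlist and the simplified rendering are assumptions made for illustration.

```php
<?php
// Added example: simplified stand-in for a plugin that renders a TOC title
// inside an admin-configurable tag. All function names are hypothetical.

// Tags a TOC title may reasonably be wrapped in (assumed allowlist).
const ALLOWED_TITLE_TAGS = ['p', 'span', 'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6'];

// Vulnerable pattern: the stored setting is concatenated into markup as-is.
function render_title_unsafe(string $tag, string $title): string
{
    return '<' . $tag . ' class="toc-title">' . $title . '</' . $tag . '>';
}

// Validate on save: accept only an exact, case-insensitive allowlist match,
// otherwise fall back to a safe default.
function sanitize_title_tag($raw, string $default = 'p'): string
{
    if (!is_string($raw)) {
        return $default; // arrays from crafted POST bodies, null, etc.
    }
    $tag = strtolower(trim($raw));
    return in_array($tag, ALLOWED_TITLE_TAGS, true) ? $tag : $default;
}

// Hardened pattern: re-validate at render time (rows saved before the fix
// may already hold a payload) and escape the title text.
function render_title_safe($tag, string $title): string
{
    $tag = sanitize_title_tag($tag);
    $text = htmlspecialchars($title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "<{$tag} class=\"toc-title\">{$text}</{$tag}>";
}

// Constructed sample values, including the payload quoted on this page.
$samples = ['h2', ' H3 ', 'img src=x onerror=alert(1)', ['h2'], ''];
foreach ($samples as $value) {
    echo json_encode($value), ' => ', sanitize_title_tag($value), PHP_EOL;
}
echo render_title_unsafe('img src=x onerror=alert(1)', 'Contents'), PHP_EOL;
echo render_title_safe('img src=x onerror=alert(1)', 'Contents'), PHP_EOL;
```

Re-validating at render time matters because a value stored before the save-time check existed stays in the options table until it is overwritten.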