Exploit for Slickr Flickr <= 2.8.1 - Admin+ Stored Cross-Site Scripting CVE-2022-3021

Name: Exploit for Slickr Flickr <= 2.8.1 - Admin+ Stored Cross-Site Scripting CVE-2022-3021
Rating: 5 (213 reviews)

2022-08-29 | CVSS 0.4

## https://sploitus.com/exploit?id=WPEX-ID:3C5FF229-85C2-49C2-8FB9-6419A8002A4E
Open the plugin and intercept the request using burpsuite. 

Give the below payload in the parameter "flickr_id" and submit the request. 
xss"/><script>prompt(2)</script>//xss

The stored XSS will be triggered whenever the user visits the page.