Share
## https://sploitus.com/exploit?id=WPEX-ID:5BD16F84-22BF-4170-B65C-08CAF67D0005
1. Go to "Top Bar" in WP Admin
2. Save the settings and intercept the request in Burp
3. Change the `tpbr_color` parameter to: `"+onmouseover='alert(1)'"` 
4. Submit and see XSS when you mouseover the bar on the frontend