## https://sploitus.com/exploit?id=WPEX-ID:6D50D3CC-7563-42C4-977B-F834FEE711DA
1. Create a "Contact Us" form from the plugin presets
2. Click on the Message field, go to the "Settings" tab, choose a name for the parameter you will later use to pre-populate that field, and enter it in the "query parameter" textbox.
3. Save the form, add the resulting shortcode to a post, and preview it.
4. Once on the previewed post, add the parameter you set in Step 2 to the post's URL. Have it contain the following value:

```
<img src=x <script>onerror=alert(window.domain);//>
```

The resulting URL should look similar to the following (the parameter name I chose in Step 2 is "blah"):

https://example.com/?p=145&preview=true&blah=%3Cimg%20src=x%20%3Cscript%3Eonerror=alert(window.domain);//%3E 

5. Click on the textarea containing the seemingly encoded IMG tag, and press backspace once. This should launch the alert box.
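The root cause described in the steps above is a query-parameter value being written into the page without HTML encoding. The following PHP is an added illustration of the defect class and its fix, not the plugin's own code; the helper names and the parameter name "blah" are assumptions for this example, while `esc_textarea()` and `wp_unslash()` are real WordPress functions.

```php
<?php
// Added illustration (not the plugin's code): pre-populating a textarea
// from a query parameter. The parameter name "blah" mirrors the one used
// in the reproduction steps above and is an assumption for this example.

// Vulnerable pattern: the raw parameter is concatenated into the markup,
// so a value such as the one in Step 4 is parsed by the browser as HTML
// instead of being shown as text.
function prefill_textarea_unsafe( string $param ): string {
    $value = isset( $_GET[ $param ] ) ? wp_unslash( $_GET[ $param ] ) : '';
    return '<textarea name="message">' . $value . '</textarea>';
}

// Hardened pattern: esc_textarea() HTML-encodes <, >, &, " and ' for the
// textarea context, so the same input is rendered literally and no
// script or event handler can be introduced through it.
function prefill_textarea_safe( string $param ): string {
    $value = isset( $_GET[ $param ] ) ? wp_unslash( $_GET[ $param ] ) : '';
    return '<textarea name="message">' . esc_textarea( $value ) . '</textarea>';
}

// Usage (hypothetical): echo prefill_textarea_safe( 'blah' );
```

Encoding must happen at the point of output, for the context being written into (here a textarea body). Step 5 suggests the field's content is also re-rendered on the client after an edit, so any front-end code that does so should assign the value through the element's `value` or `textContent` property rather than `innerHTML`, otherwise the server-side fix is undone in the browser. For detection, a request whose pre-population parameter contains angle brackets or an `on*=` attribute, as in the URL shown above, is a useful signal in web server or WAF logs.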