Share
## https://sploitus.com/exploit?id=WPEX-ID:6D71816C-8267-4B84-9087-191FBB976E72
Create/edit a Slide (/wp-admin/admin.php?page=slideshow-slides) and put the following payload in the Title or Description fields: <script>alert(/XSS/)</script>

Create/edit a Gallery (/wp-admin/admin.php?page=slideshow-galleries) and put the following payload in the Title field: <script>alert(/XSS/)</script>

The XSS will be triggered in both backend (Title field, in the Slide/Gallery list pages) and frontend (in pages/posts where the Slide/Gallery is embed)