Exploit for Social Rocket < 1.3.3 - Admin+ Stored Cross-Site Scripting CVE-2022-3136

## https://sploitus.com/exploit?id=WPEX-ID:913D7E78-23F6-4B0D-ACA3-17051A2DC649
Logged in the backend of Wordpress as Administrator

1. Installed the plugin named: Social Rocket – Social Sharing Plugin
2. Activated the plugin.
3. On the left colum click now on Social Rocket > Floating Buttons.
4. Click now on Activate Networks and select Twitter as a social icon.
5. Hover now over the button Advanced, for this social button.
6. In the button Text use the following payload:

"><svg onload=alert(/XSSTEST/)>

7. Then Click on Done
8. Now click on the far right button Save.
9. And you will see the stored XSS vulnerability popping up.