Exploit for Team Members < 5.2.1 - Editor+ Stored XSS CVE-2022-3936

Name: Exploit for Team Members < 5.2.1 - Editor+ Stored XSS CVE-2022-3936
Rating: 5 (135 reviews)

2022-12-09 | CVSS 0.2

## https://sploitus.com/exploit?id=WPEX-ID:921DAEA1-A06D-4310-8BD9-4DB32605E500
1. Go to the "Teams" section » add a new team and in the "Main color" option, add the payload: " onmouseover=alert(/XSS/)//
2. Publish/Update the page » click on the "Main color" option and hover the mouse over the input field to trigger the XSS.