Share
## https://sploitus.com/exploit?id=WPEX-ID:AD714196-2590-4DC9-B5B9-50808E9E0D26
1. Go to https://example.com/wp-admin/widgets.php
2. Add the "CSSable Countdown" widget
3. Under "Add Text" add the payload `</script><script>alert(1)</script>` to the "Event Description"
4. View the frontend and see the XSS