Exploit for Coming Soon and Maintenance Mode < 3.5.3 - Authenticated Stored XSS CVE-2021-24577

Name: Exploit for Coming Soon and Maintenance Mode < 3.5.3 - Authenticated Stored XSS CVE-2021-24577
Rating: 5 (286 reviews)

2021-09-13 | CVSS 3.5

## https://sploitus.com/exploit?id=WPEX-ID:D453B547-41A8-4A6B-8349-8686B7054805
* Open the Coming Soon plugin's settings (Coming Soon -> Coming Soon) 
* Click on the "Title" section
* Inject XSS payload into the Title section's "Title" form field. 
<!'/*"/*/'/*/"/*--></Script><Image SrcSet=K */; OnError=confirm`123` //>
* Click "Save Section", then reload the settings page (Coming Soon -> Coming Soon)