Exploit for Flat Preloader < 1.5.5 - Admin+ Stored Cross-Site Scripting CVE-2021-24789

Name: Exploit for Flat Preloader < 1.5.5 - Admin+ Stored Cross-Site Scripting CVE-2021-24789
Rating: 5 (225 reviews)

2021-09-28 | CVSS 3.5

## https://sploitus.com/exploit?id=WPEX-ID:E8550CCD-3898-4E27-ACA9-ADE89823FF4D
Put the following payload in the "Alt text" setting of the plugin, then view any page in the frontend to trigger it: " onload=alert(/XSS/)//