Exploit for Per Page Add to Head <= 1.4.4 - Authenticated Stored XSS CVE-2021-24619

Name: Exploit for Per Page Add to Head <= 1.4.4 - Authenticated Stored XSS CVE-2021-24619
Rating: 5 (544 reviews)

2021-08-11 | CVSS 3.5

## https://sploitus.com/exploit?id=WPEX-ID:F360F383-0646-44CA-B49E-E2258DFBF3A6
Put the following payload in the HTML setting of the plugin, then access any page in the frontend to trigger it: <img src onerror=alert(/XSS/)>