Exploit : For Exploiting This Vulnerability Install Easy Media Gallery Plugin Then Create New Media In Media Title Input : "/> Then In Media Subtitle Like Media Title Input : "/> After Creating New JavaScript Code Will Be Executed . Video Poc : http://youtu.be/5nMQUgP6nD4 Vulnerable Code in include/metabox.php [478]: