# Exploit Title: WordPress Plugin ‘Simple Page Transition’ - Stored Cross Site Scripting # Date: 27-06-2022 # Exploit Author: Mariam Tariq - HunterSherlock # Vendor Homepage: https://wordpress.org/plugins/simple-page-transition/ # Version: 1.4.1 # Tested on: Firefox # Contact me: mariamtariq404@gmail.com *#Vulnerable code*: ``` ``` *#POC:* 1- Install the plugin ‘simple page transition’ & activate it. 2- Navigate towards the “ignored download links” 3- Enter the XSS payload ` *“>*` *#POC image:* https://imgur.com/yzaTkhi