WordPress PVN Auth Popup 1.0.0 Cross Site Scripting

# Exploit Title: PVN Auth Popup <= 1.0.0 - Admin+ Stored XSS# Date: 08-04-2024# Exploit Author: Vuln Seeker Cybersecurity Team# Vendor Homepage: https://wordpress.org/plugins/pvn-auth-popup/# Version: <= 1.0.0# Tested on: Firefox# Contact me: [email protected] plugin does not sanitise and escape some of its settings, which couldallow high privilege users such as admin to perform Stored Cross-SiteScripting attacks even when the unfiltered_html capability is disallowed(for example in multisite setup)Proof of Concept1. Go to https://example.com/wp-admin/admin.php?page=pvn_auth_popup2. In the first section, enter the payload `"><script>alert(1)</script>`for the "Login text" input3. Save and see the XSSNote: Other fields are likely vulnerableReference:https://wpscan.com/vulnerability/24685b19-0a44-411a-9e1b-d4d0627d7cb6/