Headline
WordPress Gutenberg 18.0.0 Cross Site Scripting
WordPress Gutenberg plugin version 18.0.0 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
## Exploit Title: Wordpress Gutenberg Plugin Version 18.0.0 Stored XSS### Date: 2024-3-29### Exploit Author: tmrswrr### Category: Webapps### Vendor Homepage: https://wordpress.org/plugins/gutenberg/### Version 18.0.01 ) Go to Gutenberg Plugin edit page : https://127.0.0.1/WordPress/2024/03/29/welcome-to-the-gutenberg-editor/#comment-42 ) Write Leave a Reply place your payload :<sVg/onLy=1 onLoaD=confirm(1)//3 ) After save will be see alert button