# Exploit Title: WordPress Plugin Simple Post 1.1 - 'Text field' Stored Cross-Site Scripting (XSS)
# Date: 23/07/2021
# Exploit Author: Vikas Srivastava
# Software Link: https://wordpress.org/plugins/simple-post/
# Version: 1.1
# Category: Web Application
# Tested on Mac
How to Reproduce this Vulnerability:
1. Install WordPress 5.7.2
2. Install and activate Simple Post
3. Navigate to Settings >> Simple Post and enter the XSS payload into the Text input field.
4. Click Update Options.
6. Payload Used: "><script>alert(document.cookie)</script>