Authored by Taliya Bilal

WordPress Circle Progress plugin version 1.0 suffers from a persistent cross site scripting vulnerability.

# Exploit Title: WordPress Plugin Circle progress bar – Cross site
# Date: 2-06-2023
# Exploit Author: Taliya Bilal- NightHawk
# Vendor Homepage:
# Version: 1.0
# Tested on: Firefox
# Contact me: [email protected]

# Steps to reproduce:
1. Install Circle progress bar and activate plugin.
2. Navigate to Circle progress bar plugin.
3. Fill the title field with xss payload <img src=x onerror=alert(1)>
4. Click the option preview post. Here the popup will appear.