Exploit : For Exploiting This Vulnerability Install Testimonial Slider Plugin Then Create New SGallery In Gallery Title Input And Gallery Description Place Your JavaScript Code After Creating Gallery JavaScript Code Will Be Executed . Plugin Is Accessable By Authors , Administartors , Editors . Image POC : http://i.imgur.com/bHoezPa.jpg Vulnerable Codes <\gallery-master\views\galleries\manage_galleries.php>[Line : 177]: 1- 2-