Stored Cross-Site Scripting affects the web applications that allows users to store data. This action can potentially expose the users to this type of attack. All versions of WordPress can get affected by using vulnerable plugins, as it can increase the chance of getting hijacked. This vulnerability affects the end user accounts and the aftermath of this vulnerability’s exploitation is complete compromisation of WordPress installation and underlying server. The attacker can get administrative access to edit the website’s current PHP code. As a result, he could lead to Remote Command Execution and will finally result in a complete website takeover.
Using this vulnerability, an attacker can:-