## https://sploitus.com/exploit?id=WPEX-ID:0BD4F370-F9F8-43EE-8F20-96E899A1EFB5 1. Create a new vision item (with whatever role, even if it's an Administrator). 2. Connect to a user with a role as low as Contributor+ and create a new post. 3. Insert the following shortcode in a post: [imagelinks id='1' class='XSS" onmouseover="alert(1)'] 4. Hover over the image inserted by going to the post, the alert triggers successfully.