## https://sploitus.com/exploit?id=WPEX-ID:58A63507-F0FD-46F1-A80C-6B1C41DDDCF5
As a contributor, put the following payload in a post (the payload will have to be updated accordingly to watch the correct user and domain)
ahoy hoy @user@malicious-activitypub.site
The XSS will be trigged when viewing/previewing the post