## https://sploitus.com/exploit?id=WPEX-ID:7A3B89CC-7A81-448A-94FC-36A7033609D5
1. Create a SVG file with the malicious payload within it; Example SVG file: https://github.com/codesecure-org/xss-svg/blob/main/1.svg?short_path=97b023c
2. As a user with the Author role, go to the "Media" page and upload the SVG file
3. Access the uploaded file directly
4. You will see the XSS