## https://sploitus.com/exploit?id=WPEX-ID:8EDBDEA1-F9BB-407A-BCD1-FFF3E146984C
1. Create a new book item (with whatever role, even if it's an Administrator).
2. Connect to a user with a role as low as Contributor+ and create a new post.
3. Insert the following shortcode in a post: [ipages id='1' class='XSS" onmouseover="alert(1)']
4. Hover over the book inserted by going to the post, the alert triggers successfully.