## https://sploitus.com/exploit?id=WPEX-ID:B0F8713F-54B2-4AB2-A475-60A1692A50E9
As a subscriber, submit a review (a page/post with [ms_reviews] embed) with the following payload: <script>alert(/XSS/)</script>
The XSS will be triggered when anyone (including an admin) will view the page/post in the frontend