## https://sploitus.com/exploit?id=WPEX-ID:C0C37787-3C4C-42D5-BB75-5D4ED3E7AA2B
1. Create a new vision item (with whatever role, even if it's an Administrator)
2. Connect to a user with a role as low as Contributor+ and create a new post.
3. Insert the following shortcode in a post: [vision id='1' class='XSS" onmouseover="alert(1)']
4. Hover over the image inserted by going to the post, and the alert triggers successfully.