Share
## https://sploitus.com/exploit?id=WPEX-ID:C1FE0BC7-A340-428E-A549-1E37291BEA1C
1. Create a SVG file with the malicious payload within it; Example SVG file: https://github.com/codesecure-org/xss-svg/blob/main/1.svg?short_path=97b023c
2. As a user with the Author role, go to the "Media" page and upload the SVG file
3. Access the uploaded file directly
4. You will see the XSS