## https://sploitus.com/exploit?id=WPEX-ID:DD6EBF6B-209B-437C-9FE4-527AB9E3B9E3
Steps to reproduce:
1) As a Contributor, go to portfolio on the dashboard and add new item.
2) on the editing page that comes up, scroll down to the slider section
3) Add the payload in the description area. "<img src=1 onerror=alert('xss')>"
4) save and preview the item and watch the script trigger.
5)login as an administrator or editor and also preview the created portfolio item and the script gets triggered