I found the Stored XSS in WordPress file upload version 4.16.3 in WordPress version 5.9.1
First I made a draft Post with the title <script> alert(1)</script>
Then install WordPress file upload plugin (version 4.16.3).
Now go to settings >> wordpress file upload
Where you can get the popup.
After checking futher I found the location where xss get triggered again.
Hacker World 