1. Visit the "Settings" interface available in settings page of the plugin that is named "Widget Settings"
2. In the plugin's "Today's Count Label" setting field, enter the payload
Payload: `"type=image src=1 onerror=alert(1)>`
3. Click the "Save Changes" button.
4 The XSS will be triggered on the settings page when every visit of an authenticated user.

Note: Other settings may also be affected.