## https://sploitus.com/exploit?id=WPEX-ID:1049E940-49B1-4236-BEA2-C636F35C5647
1. Register a student account and go to the "Dashboard" plugin (https://example.com/dashboard/settings/)
2. Add the payload `<svg/onload=alert(origin)>` to either the "First Name" or "Last Name" fields.
3. Click on "Update Profile" and reload the page.
4. When you do that, you will see the XSS.