## https://sploitus.com/exploit?id=WPEX-ID:2D6ECD21-3DD4-423D-80E7-277C45080A9F 1. In the plugin's settings, add the payload `"><script>alert(1)</script>` to the "Custom CSS Classes" field. 2. Save and when the page reloads, see XSS.