## https://sploitus.com/exploit?id=WPEX-ID:34A7B3CD-E2B5-4891-AB33-AF6A2A0EECEB
Access the settings of the plugin (/wp-admin/options-general.php?page=wp_downgrade) and remove the max length as well as pattern attribute on the "WordPress Target Version" settings field, then put the following payload in it and save: <script>alert(/XSS/)</script>