Share
## https://sploitus.com/exploit?id=WPEX-ID:81B89613-18D0-4C13-84E3-9E2E1802FD7C
1. Fields in the "Options" section of the plugin are vulnerable to XSS. For example, the "Button Text" field is affected by the payload: `<script>alert('XSS')</script>`
2. Reload page to see XSS.