## https://sploitus.com/exploit?id=WPEX-ID:CF7C0207-ADB2-44C6-9469-2B24DBFEC83A Put the following payload in the Sharing Header setting of the plugin: <svg onload=alert(/XSS/)> Then go to any page in the frontend to trigger the XSS