## https://sploitus.com/exploit?id=WPEX-ID:D6C72D90-E321-47B9-957A-6FEA7C944293
Step1: Install and activate the plugin "iFlyChat โ WordPress Chat-4.6.4"
Step2: Enter the following payload in the "APP ID" field of the plugin settings (wp-admin/options-general.php?page=iflychat_settings).
+xss"/><script>alert(1)</script>
Step3: Now the script will be stored and will be executed at the times whenever the victim goes to the plugin.