Share
## https://sploitus.com/exploit?id=WPEX-ID:EFA7D91A-447B-4FD8-AA21-5364B177FEE9
(The plugin requires the Storefront theme)

Go to Appearance > Customize (/wp-admin/customize.php), open the Footer customisation and put the following payload in the Footer Credit Text: <script>alert(/XSS/)</script>

The XSS will be triggered in all frontend pages, and Customise admin panel as well