## https://sploitus.com/exploit?id=WPEX-ID:FE2F1D52-8421-4B46-B829-6953A0472DCB
1. In the settings of the plugin, in the three input boxes are named "Second Address Label", "Login Logo Override", and "Custom CRM Header", enter the payload: 1" onmouseenter=alert(1) "
2. Refresh the page and hover the mouse on the input boxes to get the XSS trigger.