3 .Click edit on ...">
Description
I noticed, your website is very secure.
But you overlooked a flaw XSS .
Proof of Concept
Detail:
1 .Login vs admin demo account and access admin page.
2 .Create a users ,insert payload in to Real name
test"><img src>
3 .Click edit on the user just created, detect XSS
Video Poc
https://drive.google.com/file/d/1o90LvU60Rux8_ZpucmLRF0mAbBTpDzjs/view?usp=sharing