If you embed a third-party iframe (like a widget), you can't access its content with either CSS or JavaScript (due to the so-called same-origin policy ). However, there is a very simple procedure for modifying any code (also in other files that are reloaded within the iframe). To do this, you route the URL through your own PHP proxy and modify the content as you wish.
Some providers check (usually badly than right) whether the current origin corresponds to the external domain and otherwise stop. But since we have all the cards in hand, we can easily override these checks. With a relatively simple code analysis, almost all scripts (even well-secured Google Sheets embeddings within iframes) can be modified. Here is a simple version of the proxy (whereby the $receipts variable is intentionally only filled with harmless sample data):
50e04665c777c53c6cea8a8601f57bbf
All you have to do now is change the src attribute of the iframe and let the fun begin:
50e04665c777c53c6cea8a8601f57bbf
If you want to swap recipes, feel free to PM me. Happy hacking!