XSS Attack WordPress
Steps to Reproduce
The following pictures show how we are able to exploit the vulnerability.
This issue exists due to insufficient input filtering. In order to mitigate the issue we recommend applying input filtering to all input fields and URL parameters in the entire plugin to ensure that only valid input is processed (this means input filtering for the fields as well as for the field values).
The issue was fixed by Elliot Condon in release 5.7.8.
Credit for finding and reporting the issue: