The FAQ shortcode does not sanitise the Display_FAQ GET parameter before including it in the HTML it generates, leading to an unauthenticated reflected Cross-Site Scripting issue on pages where the shortcode is used.
Append the following payload to the URL of a page where a FAQ is embedded: ?Display_FAQ=</script><svg/onload=alert(/XSS/)>
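The output-encoding fix for this class of bug, as an added example that is not the plugin's own code. It assumes the parameter is reflected inside an inline script block (suggested by the payload's leading </script>); the function names and the display_faq variable are hypothetical.

```php
<?php
// Added illustration: hypothetical stand-ins for a shortcode renderer,
// not the plugin's code. Runs with plain PHP, no WordPress required.

// Vulnerable pattern: the raw GET value is concatenated into an inline
// <script> block, so a value containing </script> ends the element early.
function render_faq_script_unsafe(array $get): string {
    $faq = $get['Display_FAQ'] ?? '';
    return "<script>var display_faq = '" . $faq . "';</script>";
}

// Hardened pattern: encode for the JavaScript context. JSON encoding quotes
// the value, and the JSON_HEX_* flags turn <, >, &, ' and " into \uXXXX
// escapes, so it can close neither the string nor the script element.
function render_faq_script_safe(array $get): string {
    $faq = $get['Display_FAQ'] ?? '';
    if (!is_string($faq)) {
        // ?Display_FAQ[]=x arrives as an array; treat it as empty.
        $faq = '';
    }
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $json = json_encode($faq, $flags);
    if ($json === false) {
        // json_encode() fails on invalid UTF-8; fall back to an empty string.
        $json = '""';
    }
    return '<script>var display_faq = ' . $json . ';</script>';
}

// Constructed request carrying the payload quoted in the advisory.
$request = ['Display_FAQ' => '</script><svg/onload=alert(/XSS/)>'];

echo render_faq_script_unsafe($request), PHP_EOL; // payload lands as live markup
echo render_faq_script_safe($request), PHP_EOL;   // payload stays inside one JS string
```

Inside WordPress, wp_json_encode() accepts the same flags. The same principle applies to any other output context: encode for the context the value lands in (esc_attr() for attributes, esc_html() for element text).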