The Multi Step Form WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability.
ansawaf.blogspot.com/2018/10/cve-2018-14846-multiple-stored-xss-in.html
cwatch.comodo.com/blog/website-security/vulnerability-found-in-multiple-stored-xss-form-in-wordpress-version-1-2-5/
github.com/mlooft/multi-step-form/commit/8a89f6deb888abb0ae679841ee96ee8332e5b5bc#diff-13d0709dedfe5ef22b22558c25b54ccf
plugins.trac.wordpress.org/changeset?key5sk1=ed7e8ad919a00da1183b66e366c46367fc4cc26e&sfp_email=&sfph_mail=&reponame=&new=1919415%40multi-step-form&old=1917502%40multi-step-form