Description The plugin does not sanitise and escape some form submissions, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks
1. Add an inquiry form using the shortcode [fspi-show-products-list]
2. As a non-logged in visitor, enter the payload " style=animation-name:rotation onanimationstart=alert(/XSS/)//
for the name 3. See the XSS when editing an individual inquiry from: https://example.com/wp-admin/edit.php?post_type=fspi-inquiry