## https://sploitus.com/exploit?id=WPEX-ID:5A2756C1-9ABF-4FD6-8CE2-9F840514DFCC
Create/edit a form, go to the Form Settings -> General Settings and put the following payload in the "Form Name", "Form Description" and "Successful form submission message": <script>alert(/XSS/)</script>, and tick the "Enable Form Title / Name on Front End" as well as "Enable Form Description Front End" checkboxes
Save the form. The XSS will be triggered in pages/post where the form is embed, and after the form is sent