1. Configure the plugin to add the first name and last name fields to the form:
2. Add the `[prayer_form]` shortcode to a post or page
3. As a unauthenticated user, fill out the form and enter `"><script>alert(1)</script>` in the "first name" and "last name" fields
4. As an admin, go to: to see the XSS