Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
1. Click SendPress (which is available in left side)
2. Go to the Settings=>Forms=Create Form=>Form Type=>Signup, then click save.
3. In the Forms of Label parameters are vulnerable to Stored Cross Site Scripting.
Vulnerable parameters: Salutation Label, First Name Label, Last Name Label, Phone Number Label, E-Mail Label, Button Text, Lists Label: multiple lists only and Approval Label.
5. Payload: `"/><img src=x onerror=prompt(document.cookie)>`
6. Inject the above payload in above vulnerable parameters and save it.
7. The malicious JavaScript payload successfully executed.