The yawpp plugin up to and including 1.2.2 for WordPress has XSS via the field1 parameter.
ostenta yawpp