WordPress WPForms plugin version 1.5.8.2 suffers from a persistent cross site scripting vulnerability.