Forminator prior to 1.15.4 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote attacker may obtain user information etc. and alter the page contents on the user's web browser.
https://securityaffairs.com/162113/security/forminator-wordpress-plugin-flaws.html