Convoworks WP - Reflected cross-site scripting (XSS)

 314 | $wpConvoServiceConversationRequestDao = $container->get('wpConvoServiceConversationRequestDao');
 315 |
 316 | $requestLogsTable = new ConvoServiceConversationRequestLogTable($wpConvoServiceConversationRequestDao);
 317 | $requestLogsTable->prepare_items();
 318 |
 319 | echo '<div class=""wrap""><h1 class=""wp-heading-inline"">'.print_r($requestLogsTable->get_args(), true).'</h1>';
 320 | ?>
 321 | <form method=""get"">
> 322 | <input type=""hidden"" name=""page"" value=""<?php echo $_REQUEST['page'] ?>"" />
 323 | <?php $requestLogsTable->search_box('search', 'convo_request_log_search'); ?>
 324 | <?php $requestLogsTable->display(); ?>
 325 | </form>
 326 | <div class=""position-fixed bottom-0 right-0 p-3"" style=""z-index: 5; right: 0; bottom: 0;"">
 327 | <div id=""liveToast"" class=""toast hide"" role=""alert"" aria-live=""assertive"" aria-atomic=""true"" data-delay=""2000"">
 328 | <div class=""toast-body"">
 329 | Copied to clipboard.
 330 | </div>
      ^ Col 0