diff --git a/CHANGELOG.md b/CHANGELOG.md index 871dd7c..5e7b26f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,9 @@ This is an alpha version! The changes listed here are not final. ### Removed - General: Update minimum PHP version to 7.2. +### Fixed +- Fix a fatal error occurring due to a function receiving an unexpected input type. + ## [0.33.8] - 2024-11-11 ### Changed - Updated package dependencies. [#39999] [#40060] diff --git a/src/contact-form/class-admin.php b/src/contact-form/class-admin.php index 5ed484a..d7ba738 100644 --- a/src/contact-form/class-admin.php +++ b/src/contact-form/class-admin.php @@ -981,12 +981,29 @@ public function grunion_ajax_shortcode() { } } + $field_shortcodes = array(); + if ( isset( $_POST['fields'] ) && is_array( $_POST['fields'] ) ) { - $fields = sanitize_text_field( stripslashes_deep( $_POST['fields'] ) ); + $fields = array_map( + function ( $field ) { + if ( is_array( $field ) ) { + + foreach ( array( 'label', 'type', 'required' ) as $key ) { + if ( isset( $field[ $key ] ) ) { + $field[ $key ] = sanitize_text_field( wp_unslash( $field[ $key ] ) ); + } + } + + if ( isset( $field['options'] ) && is_array( $field['options'] ) ) { + $field['options'] = array_map( 'sanitize_text_field', array_map( 'wp_unslash', $field['options'] ) ); + } + } + return $field; + }, + $_POST['fields'] // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.MissingUnslash,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- each item sanitized above. + ); usort( $fields, array( $this, 'grunion_sort_objects' ) ); - $field_shortcodes = array(); - foreach ( $fields as $field ) { $field_attributes = array();
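Review bot: The closure passed to `array_map` returns a non-array `$field` untouched, so a scalar entry in `$_POST['fields']` reaches `usort()` and the `foreach` below raw and still slashed, which contradicts the `phpcs:ignore` justification "each item sanitized above". Only `label`, `type`, `required` and `options` are cleaned, so any other key on an array entry also passes through exactly as submitted. I would open the closure with `if ( ! is_array( $field ) ) { return array(); }` and either copy the cleaned keys into a fresh array or explicitly sanitize every further key that `grunion_sort_objects` or the loop body reads. Both of those, and the place where the values are finally written into the shortcode, lie outside this hunk, so whether the remaining raw values are escaped later cannot be confirmed from here.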