This is the example HTML taken directly from the WorldPay "Template Form".

They recommend this method if:

But an evil "hacker" has just changed the <script> tag to use a different URL, nothing more.

As this is insecure, you MUST test with one of these cards (I don't want any of your personal data):