The plugin does not sanitise and escape user input before outputting back in attributes in the Student Registration page, leading to a Reflected Cross-Site Scripting issue
https://example.com/student-registration/?user_login="><script>alert(/XSS/)</script>
JrXnm
JrXnm
Yes
2021-10-19 (about 8 months ago)
2021-10-19 (about 8 months ago)
2022-04-09 (about 2 months ago)