Description The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users
On a site with the User Login/Registration widget active, have an unauthenticated user send a post request to the any page where the widget appears: