Reflected Cross-Site Scripting (XSS) vulnerability discovered by p7e4 in WordPress User Activation Email plugin (versions <= 1.3.0).
This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full review.