EPSS
Percentile
43.5%
The plugin does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue
https://example.com/?noptin_ns=email_click&to=https://wpscan.com
plugins.trac.wordpress.org/changeset/2639592