This vulnerability has been discovered and reported by Carl Clegg (carl(at)cjc(dot)im)
PieRegister is a Wordpress plugin that creates registration pages and forms for Wordpress sites.
PieRegister <= 2.0.21
CVSS v2: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
An Open Redirect has been found in Pie Register that would allow for the redirection from a site to a potentially malicious page under the control of a third party.
By altering the redirect_to parameter the redirect occurs
Disable the plugin until an upgrade is available
The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise.