Tag
The WP Statistics WordPress plugin is vulnerable to stored cross-site scripting (XSS) via the 'utm_source' parameter, allowing unauthenticated attackers to inject arbitrary web scripts into admin pages.