Over 600,000 Sites Impacted by WP Statistics Patch
A Time-Based Blind SQL Injection vulnerability in the WP Statistics Plugin allowed unauthenticated users to extract sensitive data.
www.wordfence.com