Sucuri has discovered a potentially severe security vulnerability in the WP Slimstat statistics plugin. The exploit covers version 3.9.5 and lower. With over 1.4 million downloads this could potentially affect a large number of sites.
If you are using this plugin on your site please update as soon as possible.
The vulnerability could allow a remote user to perform blind SQL injection attacks potentially allowing them access to database content and even WordPress security keys (which could allow a full site takeover). For this reason the flaw has been flagged high risk.
Again this highlights the need to stay on top of plugin and security updates for your site and to try and minimise plugin use to reduce the potential for attack vectors to become available.
Technical details and more information can be found at http://blog.sucuri.net/2015/02/security-advisory-wp-slimstat-3-9-5-and-lower.html
Too busy to monitor your site and keep it up to date? We offer WordPress maintenance packages to keep your site backed up in the cloud and up to date to ensure your website always stays online. Contact us today to find out more.