WordPress Count per Day Plugin Arbitrary File Download and Cross Site Scripting Vulnerabilities
An attacker can exploit the file download issue with a browser. To exploit a cross-site scripting issue the attacker must entice an unsuspecting victim to follow a malicious URI.
The following example URIs are available:
Arbitrary file download: