CVE-2015-9273

maltiger

The wp-slimstat (aka Slimstat Analytics) plugin before 4.1.6.1 for WordPress has XSS via an HTTP Referer header, or via a field associated with JavaScript-based Referer tracking.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9273