A recent alert from Sucuri’s Vulnerability Research team has announced a high severity vulnerability in the WP Statistic plugin.
Any users using version 8.3 (or lower) of the plugin are considered to be vulnerable to attacks that result in SEO spam, the creation of new administrator accounts and other negative actions.
The issue has been patched and anybody using the WP Statistic plugin is recommended to upgrade to version 8.3.1, which is available from the WordPress repository.
Further details about the vulnerability can be found on Sucuri’s blog.