WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Plugin is a WordPress open source application plugin. SQL injection vulnerability exists in Wordpress Plugin Visitor Traffic Real Time Statistics, which stems from the product’s today_traffic_index Ajax operation does not filter special characters in the input data. An attacker can execute malicious SQL statements through this vulnerability.