CVE-2014-9570

Multiple cross-site scripting XSS vulnerabilities in the MyWebsiteAdvisor Simple Security plugin 1.1.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 datefilter parameter in the accesslog page to wp-admin/users.php or 2 simplesecurityipblacklist...