CVE-2015-3998
phpwhois version 4.2.5 used in the WordPress adsense-click-fraud-monitoring plugin version 1.7.5 is documented to have a cross-site scripting (XSS) vulnerability. An attacker can inject arbitrary script or HTML via the query parameter to whois.php. The linked reports confirm the affected componen...