Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability via ‘IP’ discovered by Muhammad Zeeshan (Xib3rR4dAr) in WordPress WP Statistics plugin (versions <= 13.1.5).
Update the WordPress WP Statistics plugin to the latest available version (at least 13.1.6).