WordPress Plugin Exploit Alert: Wordfence Security
Secunia has reported a XSS vulnerability in WordPress security plugin Wordfence Security, which can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
The vulnerability affects versions 3.3.5 and prior, and has been patched in the latest version (3.3.7). If you’re using this plugin, please update ASAP
The vulnerability was discovered by Eugene Dokukin aka MustLive.