Wright Websites first-party cookie consent: preferences, language, and optional marketing features are described in the machine-readable declaration below and in our cookie policy.
The WPS Visitor Counter Plugin WordPress plugin through 1.4.8 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers.