A persistent XSS vulnerability was found in wp-feedstats < 2.4 by David Kierznowski <http://gnucitizen.org/about/dk> of GNUCITIZEN.
Details: http://blogsecurity.net/wordpress/news-260707/