XSS Flaw in WordPress Plugin Allows Injection of Malicious Code | Better teaching, more learning | Scoop.it
A security vulnerability in the WP Banners Lite plugin for WordPress sites allows an attacker to inject malicious html or javascript code.

Via Gust MEES