WP-Slimstat’s users should update as soon as possible! During a routine audit for our WAF, we discovered a security bug that an attacker could, by breaking the plugin’s weak “secret” key, use to perform a SQL Injection attack against the target website.
more here..........http://blog.sucuri.net/2015/02/security-advisory-wp-slimstat-3-9-5-and-lower.html
more here..........http://blog.sucuri.net/2015/02/security-advisory-wp-slimstat-3-9-5-and-lower.html