Real Time Statistics on your blog, collecting information about visitors, spiders, search keywords, feeds, browsers, OS and more.
This is a good plugin for what it does but you guys really need to work on having some better security to avoid mysql injection.
For example, on line 859 of the main plugin PHP file you have:
$blogids = $wpdb->get_col($wpdb->prepare("SELECT blog_id FROM $wpdb->blogs"));
It should be changed to the following to avoid any security concerns as well as the myriad warning that will pop up in browsers (especially a problem for non-developers who won't know what the heck is going on...).
Line 859 should be changed to this:
$blogids = $wpdb->get_col($wpdb->prepare("SELECT blog_id FROM $wpdb->blogs WHERE id = %d", $id));
You must log in to submit a review. You can also log in or register using the form near the top of this page.