The Stop User Enumeration plugin for WordPress is not secure in versions up to 1.3.7. This means that it is possible for someone to trick the plugin into letting them add malicious code to a website. If a visitor to the website then visits a page with the malicious code