A popular plugin for WordPress called Advanced Page Visit Counter has a security issue that could allow hackers to inject harmful code into a website. This can only happen if the attacker has high-level access to the website and if certain security settings are disabled.