A Hacker known as "Pr0T3cT10n" found the multiple vulnerability in WordPress Photoracer Plugin. http://wordpress.org/extend/plugins/photoracer/ plugin is vulnerable to XSS(cross site Scripting) and SQLi(SQL Injection), Tested on Wordpress 3.2 Hebrew, Photoracer 1.0.
Source: http://pastebin.com/97BZqqGR
Update: looks like the plugin is removed from wordpress
Source: http://pastebin.com/97BZqqGR
Update: looks like the plugin is removed from wordpress
