WordPress WPtouch Plugin 'wptouch_settings' Parameter Cross Site Scripting Vulnerability

Summary
This host is installed with WordPress WPtouch Plugin and is prone to cross-site scripting vulnerability.
Impact
Successful exploitation will allow attackers to execute arbitrary web script or HTML in a user's browser session in the context of an affected site. Impact Level: Application
Solution
Upgarde to 3.1.1 or later, For updates refer to http://wordpress.org/extend/plugins/wptouch
Insight
The flaw is due to input validation error in 'wptouch_settings' parameter to 'wp-content/plugins/wptouch/include/adsense-new.php', which is not properly sanitised before being returned to the user.
Affected
WordPress WPtouch Plugin 1.9.19.4 and 1.9.20, other versions may also be affected.
References