WordPress is the Wordpress Foundationβs set of blogging platform developed using the PHP language. The WordPress plugin is a WordPress open source application plugin. cross-site scripting vulnerability exists in versions of WordPress prior to Check & Log Email plugin 1.0.4. The vulnerability stems from the fact that the d parameter is not escaped before it is output back to the property. An attacker could exploit this vulnerability to conduct cross-site scripting attacks.