WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Easy Social Icons plugin is a WordPress open source application plugin. WordPress Easy Social Icons plugin in version 3.0.8 and earlier has a cross-site scripting vulnerability that originates in main file file $_SERVER[‘PHP_SELF’] lack of user input data validation and filtering of the data at the input, an attacker can use the vulnerability to lure users to click on a request containing malicious leads to the client-side code to steal the user cookie credentials.