WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The WordPress plugin is a WordPress open source application plugin. The WordPress plugin is vulnerable to SQL injection, which stems from the fact that The MAZ Loader plugin does not validate or escape the mzldr shortcode’s loader_id parameter, which allows users with roles as low as contributor to perform SQL injections. No details of the vulnerability are currently available.