WordPress is the Wordpress Foundation’s set of blogging platforms developed using the PHP language. WordPress Storefront Footer Text plugin in version 1.0.1 and earlier has a cross-site scripting vulnerability, which stems from the lack of ““Footer Credit Text”” on the plugin page for user-supplied data and output data checksum filtering. An attacker could exploit this vulnerability to execute JavaScript code on the client side.