WordPress is a set of blogging platforms developed using the PHP language by the WordPress (Wordpress) Foundation. The platform supports setting up personal blog sites on PHP and MySQL servers. cross-site scripting vulnerability exists in versions of the WordPress plugin Site Reviews prior to 5.13.1, which stems from not cleaning up some comment details when adding comments, and can be exploited by attackers to perform cross-site scripting attacks when unfiltered html is not allowed .