WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions prior to 3.0.6 of the Smart SEO Tool plugin for WordPress, which stems from the fact that search parameters are not cleaned up and escaped before being output back to properties. An attacker could exploit the vulnerability to execute JavaScript code on the client side.