WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in WordPress Cybersoldier, which stems from not cleaning and escaping URL settings before exporting them to properties, and can be exploited by a highly privileged attacker to perform cross site scripting attacks.