WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL. WordPress plugin Page Restriction has a cross-site scripting vulnerability that stems from injecting Javascript code into its settings. An attacker could exploit the vulnerability to cause stored cross-site scripting to affect admin users.