WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Easy Social Icons plugin has a SQL injection vulnerability that stems from the use of cnss_ widgets in SQL statements before is not cleaned up for its selected_icon property, an attacker can use the vulnerability to execute illegal SQL commands to steal sensitive database data.