WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language . The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Drag and Drop Multiple File Upload plugin version 1.3.6.3 prior to the cross-site scripting vulnerability, the The vulnerability stems from the default allowing SVG files to be uploaded via the dnd_codedropz_upload AJAX operation, which can be exploited by attackers to cause storage cross-site scripting issues.