WordPress is the Wordpress Foundation’s set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin for WordPress. A cross-site scripting vulnerability exists in versions of the WordPress Easy Social Icons plugin prior to 3.2.1, which stems from the plugin’s failure to properly image_file field. A remote attacker could exploit this vulnerability to inject arbitrary javascript.