WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. iFrame injection vulnerability exists in WordPress plugin Quiz and Survey Master 8.0.4 and prior versions. The vulnerability stems from insufficient input cleanup and output escaping, and can be exploited by an unauthenticated attacker to cause iFrame injection.