WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress YDS Support Ticket System 1.0 and earlier versions contain a cross-site request forgery vulnerability, which originates when a web application does not adequately verify that a request is from a trusted user. An attacker could use the vulnerability to spoof malicious requests to trick victims into clicking through to perform sensitive actions.