WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress Log HTTP Requests plugin 1.3.1 and earlier versions, which can be exploited by an attacker to steal a victim’s cookie-based authentication credentials.