WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. link-list-manager plugin is a WordPress open source application plugin. WordPress link-list-manager plugin has a cross-site scripting vulnerability that originates from the category parameter of ~/llm.php Lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.