WordPress is the WordPress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. a cross-site scripting vulnerability exists in versions of WordPress prior to myCred plugin 2.4, which stems from the failure to clean and escape search queries before outputting them back to the history dashboard page. An attacker could exploit this vulnerability to execute JavaScript code on the client side.