WordPress is the WordPress Foundation’s suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the Wordpress Plugin Five Star Restaurant Reservations prior to version 2.4.8, which stems from the product’s rtb_welcome_set_schedule request that does not secure the input data is not handled securely. A low-privilege attacker could execute client-side execution of JavaScript code to exploit the vulnerability.