WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Contact Form Entries Plugin has a cross-site scripting vulnerability in versions prior to 1.2.4, which stems from the plugin’s lack of data validation filtering of user-supplied data and output. An unauthenticated attacker could exploit the vulnerability to execute JavaScript code on the client side.