WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Testimonials plugin is vulnerable to a cross-site scripting vulnerability that stems from the program’s lack of data validation filtering of user-supplied data and output. An authenticated attacker could exploit the vulnerability to execute JavaScript code on the client side.