WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. A cross-site scripting vulnerability exists in versions of WordPress prior to WP Subtitles plugin 3.4.1. An attacker can exploit this vulnerability to perform cross-site scripting attacks.