WordPress WP Home Page Menu plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress WP Home Page Menu plugin versions prior to 3.1 contain a cross-site scripting vulnerability that stems from the plugin’s failure to clean up and escape its settings. An attacker could exploit this vulnerability to perform cross-site scripting attacks.