WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WordPress plugin is an application plugin for WordPress. Cross-site scripting vulnerabilities exist in versions of the WordPress Patreon plugin prior to 1.8.2, which stem from the plugin’s failure to clean and escape the " Custom Patreon Page Name" field. An attacker could exploit this vulnerability to perform cross-site scripting attacks.