WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. WP Prayer WordPress is an application plugin for WordPress. A cross-site scripting vulnerability exists in versions of the WordPress WP Prayer plugin prior to 1.6.2, which stems from the fact that the WordPress plugin provides a feature to store requests and list them on the WordPress website while doing effective filtering of user input. An attacker could use this vulnerability to inject malicious JavaScript code to steal user credential information.