WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.The WordPress plugin Mark Daniels Night Mode 1.0.0 and previous versions have a cross-site scripting vulnerability, which originates from a vulnerability that is exploited through the &ntmode_page_setting[enable-me], &ntmode_page _setting[bg-color], &ntmode_page_setting[txt-color ], &ntmode_page_setting[anc_color] parameters to allow for stored cross-site scripting. An attacker can use this vulnerability to perform cross-site scripting attacks.