WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Simple:Press plugin 6.8 and previous versions have a reflective cross-site scripting vulnerability that stems from insufficient cookie value input cleanup and output escaping, which can be exploited to inject cross-site code and launch XSS attacks .