WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions prior to WordPress Easy Accordion plugin 2.0.22, which stems from a lack of validation and escaping of input by the software when adding new items to accordion. An attacker could use this vulnerability to inject JavaScript and execute a stored XSS attack.