WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Spacer version 3.0.7 or earlier has a cross-site scripting vulnerability that can be exploited by attackers to inject cross-site code and launch XSS attacks.