WordPress is a set of blogging platform developed by Wordpress Foundation using PHP language. WordPress plugin is a WordPress application plugin. WordPress Child Theme Generator plugin version 2.2.7 and earlier versions have a cross-site scripting vulnerability that stems from the failure of the Child Theme Generator plugin fails to clean up the parade parameters before exporting them back, which can be exploited by attackers to cause cross-site scripting issues in the admin dashboard.