WordPress is a set of blogging platforms developed using the PHP language by the WordPress (Wordpress) Foundation. The platform supports setting up personal blogging sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions of WordPress PPOM for WooCommerce plugin prior to 24.0, which stems from the plugin’s PPOM’s failure to authorize and CSRF checks, allowing any authenticated person to invoke it and set arbitrary settings. An attacker could exploit this vulnerability to cause a stored cross-site scripting attack.