Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in vcc.js.php in the Verification Code for Comments plugin 2.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 vp, 2 vs, 3 l, 4 vu, or 5 vm parameter...