The hdw-tube WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
http://www.example.com/wp-content/plugins/hdw-tube/playlist.php?playlist=“><” http://www.example.com/wp-content/plugins/hdw-tube/mychannel.php?channel=“><”