The quick-post-widget WordPress plugin was affected by a Multiple Cross-Site Scripting (XSS) security vulnerability.
seclists.org/bugtraq/2012/Aug/66