Cross-site Scripting (XSS) is a client-side code injection attack where, an attacker can execute malicious scripts into a website or web application. The old versions of WordPress allowed remote attackers to inject browser executable code using a HTTP response. Due to this vulnerability, the application fails to properly process the codes. When an attacker inserts an executable code as a part of the custom URI or HTTP parameters. The aftermath of this results in Reflected Cross-site Scripting attack.
The major impact include:-