WordPress Plugins Leave Black Friday Shoppers Vulnerable Posted on November 23, 2016 by Simon Steed Researchers found a third of the top WordPress e-commerce plugins contain severe vulnerabilities tied to XSS cross-site scripting, SQL injection and file manipulation flaws.