wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog.