This post discusses WordPress Comment XSS affecting version 4.2 or below. I have outlined the internal working of this specific XSS.
UPDATE : this plugin has now been posted on wordpress plugins
you have account at more then 5-10 sites and wish to connect between them its a lot more then just pain to remember each site. After searching web for more then hours i came only one plugin which supported listing my profiles at the same place, but that too was limited in choice.
so finally i decided to create a plugin of my own, so her it is