WP XSS DEC 2024 - WP Cross-Site Scripting
Managed WP/Woo Security Report
Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS DEC 2024 is a +51% INCREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed WP Security.
The following cases made headlines PUBLICLY just last month in the WP XSS DEC 2024 & WP Cross-Site Scripting category:
| AA Audio Player | Cross-Site Scripting (XSS) |
| Accordion title for Elementor | Cross-Site Scripting (XSS) |
| AchillesTheme-shortcodes | Cross-Site Scripting (XSS) |
| Active Products Tables for WooCommerce | Cross-Site Scripting (XSS) |
| Activity Log | Unauthenticated Cross-Site Scripting (XSS) from Event Context |
| adBuddy+ (AdBlocker Detection) | Cross-Site Scripting (XSS) |
| Add Chat App Button | Cross-Site Scripting (XSS) |
| Add Ribbon Shortcode | Cross-Site Scripting (XSS) |
| Additional Order Filters for WooCommerce | Cross-Site Scripting (XSS) |
| Addressbook | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Admin Amplify | Cross-Site Scripting (XSS) |
| Admin and Site Enhancements (ASE) | Cross-Site Scripting (XSS) from SVG |
| Admin SMS Alert | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Advanced Event Manager | Cross-Site Scripting (XSS) |
| Advanced Form Integration | Cross-Site Scripting (XSS) |
| Advanced PDF Generator | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Advanced Video Player with Analytics | Cross-Site Scripting (XSS) |
| Advanced What should we write next about | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Adventure Bucket List | Cross-Site Scripting (XSS) |
| affiliate-toolkit | Cross-Site Scripting (XSS) |
| AgendaPress – Easily Publish Meeting Agendas and Programs on WordPress | Cross-Site Scripting (XSS) |
| AI Responsive Gallery Album | Cross-Site Scripting (XSS) |
| Ajax Content Filter | Cross-Site Scripting (XSS) |
| AJAX Login and Registration modal popup + inline form | Cross-Site Scripting (XSS) |
| Alert Me! | Cross-Site Scripting (XSS) |
| Algori PDF Viewer | Cross-Site Scripting (XSS) |
| Amazon Associate Filter | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| amr shortcodes | Cross-Site Scripting (XSS) |
| Anant Addons for Elementor | Cross-Site Scripting (XSS) |
| Anih Theme | Cross-Site Scripting (XSS) |
| APK Downloader | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Appointmind | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| April's Call Posts | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Aqua SVG Sprite | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| ArCa Payment Gateway | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Ashe Theme | Cross-Site Scripting (XSS) from add_query_arg Parameter |
| Assist24 Help Desk | Cross-Site Scripting (XSS) |
| AtaraPay WooCommerce Payment Gateway | Cross-Site Scripting (XSS) |
| aThemes Addons for Elementor | Cross-Site Scripting (XSS) |
| audioCase | Cross-Site Scripting (XSS) |
| AutoListicle | Cross-Site Scripting (XSS) |
| Awesome Fitness Testimonials | Cross-Site Scripting (XSS) |
| Awesome Shortcodes For Genesis | Cross-Site Scripting (XSS) |
| Awesome Studio | Cross-Site Scripting (XSS) |
| Awesome Tool Tip | Cross-Site Scripting (XSS) |
| AzonBox | Cross-Site Scripting (XSS) |
| Bamboo Enquiries | Cross-Site Scripting (XSS) |
| Banner System | Cross-Site Scripting (XSS) |
| Bard | Cross-Site Scripting (XSS) from add_query_arg Parameter |
| Basticom Framework | Cross-Site Scripting (XSS) |
| BBP Core - Expand bbPress powered forums with useful features | Cross-Site Scripting (XSS) from add_query_arg Parameter |
| Be Shortcodes | Cross-Site Scripting (XSS) |
| Beacon For Help Scout | Cross-Site Scripting (XSS) |
| BeBetter Social Icons | Cross-Site Scripting (XSS) |
| Beds24 Online Booking | Cross-Site Scripting (XSS) |
| Beds24 Online Booking | Cross-Site Scripting (XSS) from beds-link Shortcode |
| Best Addons for Elementor | Cross-Site Scripting (XSS) |
| best bootstrap widgets for elementor | Cross-Site Scripting (XSS) |
| Bg Patriarchia BU | Cross-Site Scripting (XSS) |
| Bing Search API Integration | Cross-Site Scripting (XSS) |
| Bitcoin Payments | Cross-Site Scripting (XSS) |
| Black Widgets For Elementor | Cross-Site Scripting (XSS) |
| Blizzard Quotes | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Block Editor Bootstrap Blocks | Cross-Site Scripting (XSS) |
| Blocks Post Grid | Cross-Site Scripting (XSS) |
| BNE Gallery Extended | Cross-Site Scripting (XSS) from gallery Shortcode |
| Booking Calendar | Cross-Site Scripting (XSS) |
| Booking calendar, Appointment Booking System | Unauthenticated Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Boombox Shortcode | Cross-Site Scripting (XSS) |
| Booster for WooCommerce | Cross-Site Scripting (XSS) from wcj_product_meta Shortcode |
| Booster for WooCommerce | Cross-Site Scripting (XSS) |
| Bounce Handler MailPoet 3 | Cross-Site Scripting (XSS) |
| Brand my Footer | Cross-Site Scripting (XSS) |
| Branda | Cross-Site Scripting (XSS) |
| Bread & Butter | Cross-Site Scripting (XSS) |
| Bricksable for Bricks Builder | Cross-Site Scripting (XSS) |
| Browsing History | Cross-Site Scripting (XSS) |
| BU Slideshow | Cross-Site Scripting (XSS) |
| BulkPress | Cross-Site Scripting (XSS) |
| Buooy Sticky Header | Cross-Site Scripting (XSS) |
| Capitalize My Title | Cross-Site Scripting (XSS) |
| CF7 WOW Styler | Cross-Site Scripting (XSS) |
| Chameleoni Jobs | Cross-Site Scripting (XSS) |
| Charitable | Cross-Site Scripting (XSS) |
| Charity Addon for Elementor | Cross-Site Scripting (XSS) |
| Checkout with Cash App on WooCommerce | Cross-Site Scripting (XSS) |
| Chessgame Shizzle | Cross-Site Scripting (XSS) |
| Christian Science Bible Lesson Subjects | Cross-Site Scripting (XSS) |
| CM Business Directory Plugin – Business Listing Directory | Cross-Site Scripting (XSS) |
| CM Email Registration Blacklist and Whitelist | Cross-Site Scripting (XSS) |
| CM Header & Footer Script Loader | Cross-Site Scripting (XSS) |
| CM On Demand Search And Replace | Cross-Site Scripting (XSS) |
| CM Pop-Up banners | Cross-Site Scripting (XSS) |
| CM Table Of Contents – WordPress TOC Plugin | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| CM Tooltip Glossary | Cross-Site Scripting (XSS) |
| Co-marquage service-public.fr | Cross-Site Scripting (XSS) from add_query_arg Parameter |
| codeSnips | Cross-Site Scripting (XSS) |
| Community by PeepSo | Cross-Site Scripting (XSS) |
| Community Yard Sale | Cross-Site Scripting (XSS) |
| Constant Contact Forms by MailMunch | Cross-Site Scripting (XSS) |
| Contact Form 7 – PayPal & Stripe Add-on | Cross-Site Scripting (XSS) |
| Contact Form 7 Redirect & Thank You Page | Cross-Site Scripting (XSS) |
| Contact Form by WPForms | Cross-Site Scripting (XSS) |
| Content Syndication Toolkit Read (BAC)er | Cross-Site Scripting (XSS) |
| Continue Shopping From Cart | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Control horas | Cross-Site Scripting (XSS) |
| Conversion Helper | Cross-Site Scripting (XSS) |
| Cookie Nonsense for YT | Cross-Site Scripting (XSS) |
| Copy Anything to Clipboard | Cross-Site Scripting (XSS) |
| Countdown Timer for Elementor | Cross-Site Scripting (XSS) |
| Counter Up | Cross-Site Scripting (XSS) |
| Cowidgets – Elementor Addons | Cross-Site Scripting (XSS) |
| Cowidgets – Elementor Addons | Cross-Site Scripting (XSS) |
| Creative Blocks | Cross-Site Scripting (XSS) |
| Cresta Addons for Elementor | Cross-Site Scripting (XSS) |
| CRM 2go | Cross-Site Scripting (XSS) |
| Crypto and DeFi Widgets | Cross-Site Scripting (XSS) |
| CultBooking Hotel Booking Engine | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Custom Author URL | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Custom CSS, JS & PHP | Cross-Site Scripting (XSS) |
| Custom Dashboard Widget | Cross-Site Scripting (XSS) |
| Custom post type templates for Elementor | Cross-Site Scripting (XSS) |
| Custom Post Type to Map Store | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Custom Shortcode Sidebars | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Custom URL Shortener | Cross-Site Scripting (XSS) |
| Customize My Account for WooCommerce | Cross-Site Scripting (XSS) from tab Parameter |
| Daily Image | Cross-Site Scripting (XSS) |
| Dashing Memberships | Cross-Site Scripting (XSS) |
| Delisho | Cross-Site Scripting (XSS) |
| Devnex Addons For Elementor | Cross-Site Scripting (XSS) |
| Dino Game | Cross-Site Scripting (XSS) |
| Ditty | Cross-Site Scripting (XSS) |
| Document & Data Automation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Don't Break The Code | Cross-Site Scripting (XSS) |
| Donate Me | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Doofinder | Cross-Site Scripting (XSS) |
| drop in image slideshow gallery | Cross-Site Scripting (XSS) |
| Drozd – Addons for Elementor | Cross-Site Scripting (XSS) |
| DuoGeek Blocks | Cross-Site Scripting (XSS) |
| Dynamic "To Top" | Cross-Site Scripting (XSS) |
| Dynamic Post Grid Elementor Addon | Cross-Site Scripting (XSS) |
| Dynamic URL SEO | Cross-Site Scripting (XSS) |
| e-shops | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Easy Liveblogs | Cross-Site Scripting (XSS) |
| Easy Pricing Tables | Cross-Site Scripting (XSS) |
| Easy Social Sharebar | Cross-Site Scripting (XSS) |
| Easy SVG Support | Cross-Site Scripting (XSS) |
| eewee admin custom | Cross-Site Scripting (XSS) |
| Ekiline Block Collection | Cross-Site Scripting (XSS) |
| Element Pack Elementor Addons | Cross-Site Scripting (XSS) |
| Element Pack Elementor Addons | DOM-Based Cross-Site Scripting (XSS) |
| Elementor – Header, Footer & Blocks Template | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Elementor Button Plus | Cross-Site Scripting (XSS) |
| Elementor Image Gallery Plugin | Cross-Site Scripting (XSS) |
| Elementor Portfolio Builder | Cross-Site Scripting (XSS) |
| Elementor Website Builder | Cross-Site Scripting (XSS) |
| ElementsReady Addons for Elementor | Cross-Site Scripting (XSS) |
| Elfsight Telegram Chat CC | Missing Authorization (BAC) to Cross-Site Scripting (XSS) |
| Elo Rating Shortcode | Cross-Site Scripting (XSS) |
| Email Subscription Popup | Cross-Site Scripting (XSS) from print_email_subscribe_form Shortcode |
| Embed documents shortcode | Cross-Site Scripting (XSS) |
| EmbedPress | Cross-Site Scripting (XSS) from 'provider_name' |
| ESB Testimonials | Cross-Site Scripting (XSS) |
| Essential Addons for Elementor | Cross-Site Scripting (XSS) |
| Essential Breadcrumbs | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Event post | Cross-Site Scripting (XSS) from events_cal Shortcode |
| Event post | Cross-Site Scripting (XSS) |
| EventPress | Cross-Site Scripting (XSS) |
| Everest Forms | Cross-Site Scripting (XSS) |
| Exclusive Divi | Cross-Site Scripting (XSS) |
| Explara Events | Cross-Site Scripting (XSS) |
| Extensions for Elementor | Cross-Site Scripting (XSS) |
| EzyOnlineBookings Online Booking System Widget | Cross-Site Scripting (XSS) |
| F4 Improvements | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Fabrica Synced Pattern Instances | Cross-Site Scripting (XSS) |
| Faltu Testimonial Rotator | Cross-Site Scripting (XSS) |
| Fancy Gallery | Cross-Site Scripting (XSS) |
| Fancy User List | Cross-Site Scripting (XSS) |
| FAQ Builder AYS | Cross-Site Scripting (XSS) |
| Fast Video and Image Display | Cross-Site Scripting (XSS) |
| FastBook – Responsive Appointment Booking and Scheduling System | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Fat Rat Collect | Cross-Site Scripting (XSS) |
| Favicon My Blog | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Featured Posts Scroll | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Featured product by category name | Cross-Site Scripting (XSS) |
| Fence URL | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| File Select Control For Elementor | Cross-Site Scripting (XSS) |
| Fintelligence Calculator | Cross-Site Scripting (XSS) |
| Firework Shoppable Live Video | Cross-Site Scripting (XSS) |
| Flash Show And Hide Box | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Footer Flyout Widget | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Form Maker by 10Web | Cross-Site Scripting (XSS) from add_query_arg Parameter |
| Formidable Forms | Cross-Site Scripting (XSS) |
| Formidable Forms | Cross-Site Scripting (XSS) from Custom HTML Form Parameter |
| Forms: 3rd-Party Post Again | Cross-Site Scripting (XSS) |
| ForumEngine Theme | Cross-Site Scripting (XSS) |
| FraudLabs Pro SMS Verification | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Friendly Functions for Welcart | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| FriendStore for WooCommerce | Cross-Site Scripting (XSS) |
| Gallery Blocks with Lightbox | Cross-Site Scripting (XSS) |
| Gameplan Theme | Cross-Site Scripting (XSS) |
| GD bbPress Attachments | Cross-Site Scripting (XSS) |
| GD Rating System | Cross-Site Scripting (XSS) from extra_class Parameter |
| Generic Elements | Cross-Site Scripting (XSS) |
| Geoportail Shortcode | Cross-Site Scripting (XSS) |
| Geotagged Media | Cross-Site Scripting (XSS) |
| Getwid – Gutenberg Blocks | Cross-Site Scripting (XSS) |
| GMO Social Connection | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Google Plus Share and +1 Button | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Google Visualization Charts | Cross-Site Scripting (XSS) |
| GoQMieruca | Cross-Site Scripting (XSS) |
| GoQSmile | Cross-Site Scripting (XSS) |
| GreenCon | Cross-Site Scripting (XSS) |
| Grey Owl Lightbox | Cross-Site Scripting (XSS) |
| Gutenberg Blocks by Kadence Blocks | Cross-Site Scripting (XSS) |
| Gutenium Blocks | Cross-Site Scripting (XSS) |
| Happy Addons for Elementor | Cross-Site Scripting (XSS) from Image Comparison |
| Header Footer Composer for Elementor | Cross-Site Scripting (XSS) |
| Hebrew Date | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Hide My WP Ghost | Cross-Site Scripting (XSS) from URL |
| HIPAAtizer | Cross-Site Scripting (XSS) |
| HLS Player | Cross-Site Scripting (XSS) |
| Hola Free Video Player | Cross-Site Scripting (XSS) |
| Hotlink2Watermark | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| HQ60 Fidelity Card | Cross-Site Scripting (XSS) |
| HT Builder – WordPress Theme Builder for Elementor | Cross-Site Scripting (XSS) |
| HT Politic | Cross-Site Scripting (XSS) |
| HTML5 Lyrics Karaoke Player | Cross-Site Scripting (XSS) |
| HUSKY | Cross-Site Scripting (XSS) from really_curr_tax Parameter |
| I Plant A Tree | Cross-Site Scripting (XSS) |
| IA Map Analytics Basic | Cross-Site Scripting (XSS) |
| IceStats | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Icon Widget | Cross-Site Scripting (XSS) |
| Idealien Category Enhancements | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Image Carousel Shortcode | Cross-Site Scripting (XSS) |
| Image horizontal reel scroll slideshow | Cross-Site Scripting (XSS) |
| ImbaChat | Cross-Site Scripting (XSS) |
| imPress | Cross-Site Scripting (XSS) |
| Include Mastodon Feed | Cross-Site Scripting (XSS) |
| Infinite Slider | Cross-Site Scripting (XSS) |
| Inline Click To Tweet | Cross-Site Scripting (XSS) |
| IntelliWidget Elements | Cross-Site Scripting (XSS) |
| iPhone Webclip Manager | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| ITERAS | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Jeg Elementor Kit | Cross-Site Scripting (XSS) from JKit Countdown Widget |
| JetWidgets For Elementor | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Jigoshop – Store Toolkit | Cross-Site Scripting (XSS) |
| JobBoardWP – Job Board Listings and Submissions | Cross-Site Scripting (XSS) |
| Jobify - Job Board WordPress Theme | Cross-Site Scripting (XSS) |
| Jobs for WordPress | Cross-Site Scripting (XSS) |
| JS Help Desk – Best Help Desk & Support Plugin | Cross-Site Scripting (XSS) |
| Kevin's | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Keymaster Chord Notation Free | Cross-Site Scripting (XSS) |
| Kings Tab Slider | Cross-Site Scripting (XSS) |
| Knowledge Base | Cross-Site Scripting (XSS) |
| Kognetiks Chatbot for WordPress | Cross-Site Scripting (XSS) |
| Kudos Donations | Cross-Site Scripting (XSS) |
| Landing Page Cat | Cross-Site Scripting (XSS) |
| Lazy load videos and sticky control | Cross-Site Scripting (XSS) |
| LeadBoxer | Cross-Site Scripting (XSS) |
| LeanPress | Cross-Site Scripting (XSS) |
| LearnPress Export Import | Cross-Site Scripting (XSS) |
| LegalWeb Cloud | Cross-Site Scripting (XSS) |
| Lenxel Core for Lenxel(LNX) LMS | Cross-Site Scripting (XSS) |
| Lenxel Core for Lenxel(LNX) LMS | Cross-Site Scripting (XSS) |
| Lewe Bootstrap Visuals | Cross-Site Scripting (XSS) |
| LGPD Framework | Cross-Site Scripting (XSS) |
| Library Bookshelves | Cross-Site Scripting (XSS) |
| Linear | Cross-Site Scripting (XSS) |
| LinkLaunder SEO | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| LIQUID BLOCKS | Cross-Site Scripting (XSS) |
| Load More Posts | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Location Click Map | Cross-Site Scripting (XSS) |
| Login with Vipps and MobilePay | Cross-Site Scripting (XSS) |
| Loginplus | Cross-Site Scripting (XSS) |
| Logo Slider | Cross-Site Scripting (XSS) |
| Logo Slider | Cross-Site Scripting (XSS) |
| LSX Tour Operator | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Luzuk Slider | Cross-Site Scripting (XSS) |
| Luzuk Team | Cross-Site Scripting (XSS) |
| Luzuk Testimonials | Cross-Site Scripting (XSS) |
| Mage Front End Forms | Cross-Site Scripting (XSS) |
| Magic Slider | Cross-Site Scripting (XSS) |
| Mail Picker | Cross-Site Scripting (XSS) |
| MailChimp Forms by MailMunch | Cross-Site Scripting (XSS) |
| MailMunch – Grow your Email List | Cross-Site Scripting (XSS) |
| MailPoet | Cross-Site Scripting (XSS) |
| Map Store Locator | Cross-Site Scripting (XSS) |
| Mapme | Cross-Site Scripting (XSS) |
| MapPress Maps for WordPress | Cross-Site Scripting (XSS) from Map Block |
| Mapster WP Maps | Cross-Site Scripting (XSS) |
| Master Addons for Elementor | Cross-Site Scripting (XSS) |
| Master Bar | Cross-Site Scripting (XSS) |
| MDC YouTube Downloader | Cross-Site Scripting (XSS) |
| MDR Webmaster Tools | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Media Library Tools | Cross-Site Scripting (XSS) from SVG |
| Memberlite Shortcodes | Cross-Site Scripting (XSS) from memberlite_accordion Shortcode |
| Meteor Slides | Cross-Site Scripting (XSS) |
| MG Post Contributors | Cross-Site Scripting (XSS) |
| Minical Hotel Booking Plugin | Cross-Site Scripting (XSS) |
| Mins To Read (BAC) | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Mobile Kiosk | Cross-Site Scripting (XSS) |
| Mobilize | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Moka Get Posts Shortcode | Cross-Site Scripting (XSS) |
| Moose Elementor Kit | Cross-Site Scripting (XSS) |
| MP3 Audio Player for Music, Radio & Podcast by Sonaar | Cross-Site Scripting (XSS) from sonaar_audioplayer Shortcode |
| Multi Feed Read (BAC)er | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Multi-day Booking Calendar | Cross-Site Scripting (XSS) |
| Multifox Plus | Cross-Site Scripting (XSS) |
| Multilevel Referral Affiliate Plugin for WooCommerce | Cross-Site Scripting (XSS) |
| Multiple Votes in one page | Cross-Site Scripting (XSS) |
| My Restaurant Menu | Cross-Site Scripting (XSS) |
| myCred | Cross-Site Scripting (XSS) |
| MyCurator Content Curation | Cross-Site Scripting (XSS) |
| Narnoo Commerce Manager | Cross-Site Scripting (XSS) |
| Naver Blog | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| News Articles | Cross-Site Scripting (XSS) |
| News Ticker | Cross-Site Scripting (XSS) |
| NextGEN Gallery | Cross-Site Scripting (XSS) |
| NiceJob | Cross-Site Scripting (XSS) |
| NV Slider | Cross-Site Scripting (XSS) |
| Official SalesWizard CRM Plugin | Cross-Site Scripting (XSS) |
| Olympus Shortcodes | Cross-Site Scripting (XSS) |
| Open edX LMS | Cross-Site Scripting (XSS) |
| OpenCart Product Display | Cross-Site Scripting (XSS) |
| Ortto | Cross-Site Scripting (XSS) |
| OS BXSlider | Cross-Site Scripting (XSS) |
| OS Our Team | Cross-Site Scripting (XSS) |
| OS Pricing Tables | Cross-Site Scripting (XSS) |
| OSM – OpenStreetMap | Cross-Site Scripting (XSS) |
| Otter - Gutenberg Block | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Out Of Stock Badge | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Page Parts | Cross-Site Scripting (XSS) |
| Parallax Image | Cross-Site Scripting (XSS) from position Parameter |
| Parallaxer | Cross-Site Scripting (XSS) |
| ParOne Feeds | Cross-Site Scripting (XSS) |
| Parsi Date | Cross-Site Scripting (XSS) from add_query_arg Parameter |
| Pay With Stripe | Cross-Site Scripting (XSS) |
| PayPal Responder | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Pdf Embedder Fay | Cross-Site Scripting (XSS) |
| PDF Invoices & Packing Slips Generator for WooCommerce | Cross-Site Scripting (XSS) |
| PeachPay Payments | Cross-Site Scripting (XSS) |
| Persian Nested Show/Hide Text | Cross-Site Scripting (XSS) |
| PF Timer | Cross-Site Scripting (XSS) |
| Photo Gallery by 10Web | Cross-Site Scripting (XSS) |
| Photo Video Store | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Photographer Connections | Cross-Site Scripting (XSS) |
| Pixobe Cartography | Cross-Site Scripting (XSS) |
| PJW Mime Config | Cross-Site Scripting (XSS) |
| Platform.ly Official | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Plenigo | Cross-Site Scripting (XSS) |
| Pods | Cross-Site Scripting (XSS) |
| Popup Image | Cross-Site Scripting (XSS) |
| Post By Email | Cross-Site Scripting (XSS) |
| Post Carousel Slider for Elementor | Cross-Site Scripting (XSS) |
| Post Hits Counter | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Postcasa Shortcode | Cross-Site Scripting (XSS) |
| Postify: Post Layout For Elementor | Cross-Site Scripting (XSS) |
| Posts Filter | Cross-Site Scripting (XSS) |
| Posts Search | Cross-Site Scripting (XSS) |
| Pricing Tables For WPBakery Page Builder | Cross-Site Scripting (XSS) from wdo_pricing_tables Shortcode |
| Prime Slider – Addons For Elementor | Cross-Site Scripting (XSS) from Blog Widget |
| Print PDF Generator and Publisher | Cross-Site Scripting (XSS) |
| Pro Addons For Elementor | Cross-Site Scripting (XSS) |
| Product Delivery Date for WooCommerce – Lite | Cross-Site Scripting (XSS) |
| Product Designer | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| PropertyShift | Cross-Site Scripting (XSS) |
| Protect Your Content | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Provide Forex Signals | Cross-Site Scripting (XSS) |
| Pull This | Cross-Site Scripting (XSS) |
| Pure CSS Circle Progress Bar | Cross-Site Scripting (XSS) |
| Quotes llama | Cross-Site Scripting (XSS) |
| ra_qrcode | Cross-Site Scripting (XSS) |
| Ragic Shortcode | Cross-Site Scripting (XSS) |
| Random Banner | Cross-Site Scripting (XSS) |
| Random Featured Post | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Razorpay Payment Button | Cross-Site Scripting (XSS) |
| Razorpay Payment Button Elementor Plugin | Cross-Site Scripting (XSS) |
| Realty by BestWebSoft | Cross-Site Scripting (XSS) |
| RealtyCandy IDX Broker Extended | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| ReCaptcha Integration for WordPress | Cross-Site Scripting (XSS) |
| RecipePress Reloaded | Cross-Site Scripting (XSS) |
| ReConstruction Theme | Cross-Site Scripting (XSS) |
| Redirecter | Cross-Site Scripting (XSS) |
| Registrations for the Events Calendar | Unauthenticated Cross-Site Scripting (XSS) |
| Rescue Shortcodes | Cross-Site Scripting (XSS) from rescue_progressbar Shortcode |
| Responsive Addons for Elementor | Cross-Site Scripting (XSS) |
| Responsive Data Table | Cross-Site Scripting (XSS) |
| Responsive Flickr Gallery | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Restaurant Menu – Food Ordering System – Table Reservation | Cross-Site Scripting (XSS) |
| Rig Elements For Elementor | Cross-Site Scripting (XSS) |
| RingCentral Communications | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Royal Elementor Addons | DOM-Based Cross-Site Scripting (XSS) from Form Builder Widget |
| RSS Feed Widget | Cross-Site Scripting (XSS) |
| RSV 360 View | Cross-Site Scripting (XSS) |
| RSV PDF Preview | Cross-Site Scripting (XSS) |
| Run Contests, Raffles, and Giveaways with ContestsWP | Cross-Site Scripting (XSS) |
| Safe SVG | Cross-Site Scripting (XSS) |
| salavat counter | Cross-Site Scripting (XSS) |
| Saragna | Cross-Site Scripting (XSS) |
| Sassy Social Share | Cross-Site Scripting (XSS) from heateor_mastodon_share Parameter |
| Sastra Essential Addons for Elementor | Cross-Site Scripting (XSS) |
| Satisfaction Reports from Help Scout | Cross-Site Scripting (XSS) |
| Save as PDF plugin by Pdfcrowd | Cross-Site Scripting (XSS) |
| scrollup | Cross-Site Scripting (XSS) |
| Search order by product SKU for WooCommerce | Cross-Site Scripting (XSS) |
| Sell Media File with Stripe | Cross-Site Scripting (XSS) |
| Semantic Shortcode | Cross-Site Scripting (XSS) |
| Seo Free | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| SEO Landing Page Generator | Cross-Site Scripting (XSS) |
| SEO Plugin by Squirrly SEO | Cross-Site Scripting (XSS) |
| Seriously Simple Podcasting | Cross-Site Scripting (XSS) |
| SH Slideshow | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Shine PDF Embeder | Cross-Site Scripting (XSS) |
| Shortcode Collection | Cross-Site Scripting (XSS) |
| Shortcodes Blocks Creator Ultimate | Cross-Site Scripting (XSS) from Shortcode |
| Silverlight Video Player | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Simple File List | Cross-Site Scripting (XSS) |
| Simple Header and Footer | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Simple Modal | Cross-Site Scripting (XSS) |
| Simple Page Specific Sidebars | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Simple Popup | Cross-Site Scripting (XSS) |
| Simple Pricing Table | Cross-Site Scripting (XSS) |
| Simple Shortcode for Google Maps | Cross-Site Scripting (XSS) |
| Simple Side Tab | Cross-Site Scripting (XSS) |
| Simple Social Share Block | Cross-Site Scripting (XSS) |
| Simple Travel Map | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| SimpleForm | Cross-Site Scripting (XSS) |
| SimpleForm Contact Form Submissions | Cross-Site Scripting (XSS) |
| SimpleGMaps | Cross-Site Scripting (XSS) |
| SimpleSchema | Cross-Site Scripting (XSS) |
| Simplistic SEO | Cross-Site Scripting (XSS) |
| Simpul Events by Esotech | Cross-Site Scripting (XSS) |
| Skip To | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Skt NURCaptcha | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Slick Sitemap | Cross-Site Scripting (XSS) |
| Slickstream | Cross-Site Scripting (XSS) from slick-grid Shortcode |
| Slotti Ajanvaraus | Cross-Site Scripting (XSS) |
| SmartLink Dynamic URLs | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Smooth Maps | Cross-Site Scripting (XSS) |
| Social button | Cross-Site Scripting (XSS) |
| Social Locker | Cross-Site Scripting (XSS) |
| Social Proof (Testimonial) Slider | Cross-Site Scripting (XSS) |
| Softtemplates For Elementor | Cross-Site Scripting (XSS) |
| Sp*tify Play Button for WordPress | Cross-Site Scripting (XSS) from spotifyplaybutton Shortcode |
| Sparkle Elementor Kit | Cross-Site Scripting (XSS) |
| SpatialMatch IDX | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| SrcSet Responsive Images for WordPress | Cross-Site Scripting (XSS) |
| Steel | Cross-Site Scripting (XSS) |
| Sticky Social Bar | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Sticky Social Icons | Cross-Site Scripting (XSS) |
| Storely Theme | Cross-Site Scripting (XSS) |
| StreamWeasels Online Status Bar | Cross-Site Scripting (XSS) |
| StreamWeasels YouTube Integration | Cross-Site Scripting (XSS) |
| Stripe Donation | Cross-Site Scripting (XSS) |
| Stylish Internal Links | Cross-Site Scripting (XSS) |
| Subaccounts for WooCommerce | Cross-Site Scripting (XSS) |
| SuevaFree Essential Kit | Cross-Site Scripting (XSS) |
| Sugar Calendar (Lite) | Cross-Site Scripting (XSS) |
| Support SVG | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Surbma | Font Awesome | Cross-Site Scripting (XSS) |
| SV Forms | Cross-Site Scripting (XSS) |
| SVG Block | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| SVG Case Study | Cross-Site Scripting (XSS) |
| SVGPlus | Cross-Site Scripting (XSS) |
| SVT Simple | Cross-Site Scripting (XSS) |
| System Dashboard | Unauthenticated Cross-Site Scripting (XSS) |
| Table of Contents Plus | Cross-Site Scripting (XSS) |
| Tailored Tools | Cross-Site Scripting (XSS) |
| Team Showcase and Slider – Team Members Builder | Cross-Site Scripting (XSS) |
| TeleAdmin | Cross-Site Scripting (XSS) |
| Testimonial Slider Shortcode | Cross-Site Scripting (XSS) |
| Text Advertisements | Cross-Site Scripting (XSS) |
| The Pack Elementor addons | Cross-Site Scripting (XSS) |
| Theater for WordPress | Cross-Site Scripting (XSS) |
| ThemeFuse Maintenance Mode | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Themify Builder | Cross-Site Scripting (XSS) |
| Third Party Cookie Eraser | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Tigris Flexplatform | Cross-Site Scripting (XSS) |
| TinyCode | Cross-Site Scripting (XSS) |
| TM Islamic Helper | Cross-Site Scripting (XSS) |
| Topbar ID for Elementor | Cross-Site Scripting (XSS) |
| Trendy Restaurant Menu | Cross-Site Scripting (XSS) |
| Tribute Testimonials | Cross-Site Scripting (XSS) |
| Twitter @Anywhere Plus | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Twitter Follow Button | Cross-Site Scripting (XSS) from username Parameter |
| Twitter real time search scrolling | Cross-Site Scripting (XSS) |
| Ultimate Accordion | Cross-Site Scripting (XSS) |
| Ultimate Classified Listings | Cross-Site Scripting (XSS) |
| Ultimate Flipbox Addon for Elementor | Cross-Site Scripting (XSS) |
| UPDATE NOTIFICATIONS | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| User Password Reset | Cross-Site Scripting (XSS) |
| Utech Spinning Earth | Cross-Site Scripting (XSS) |
| UW Freelancer | Cross-Site Scripting (XSS) |
| Vertical Carousel | Cross-Site Scripting (XSS) |
| Video Lessons Manager | Cross-Site Scripting (XSS) |
| Video Player for WPBakery | Cross-Site Scripting (XSS) |
| VP Sitemap | Cross-Site Scripting (XSS) |
| W3P SEO | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Wc Recently viewed products | Cross-Site Scripting (XSS) |
| Wd-image-magnifier-xoss | Cross-Site Scripting (XSS) |
| WE – Client Logo Carousel | Cross-Site Scripting (XSS) |
| Weather Atlas Widget | Cross-Site Scripting (XSS) |
| Web Stories Widgets For Elementor | Cross-Site Scripting (XSS) |
| Webriti Custom Login | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Websand Subscription Form | Cross-Site Scripting (XSS) |
| Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera | Cross-Site Scripting (XSS) |
| Wezido | Cross-Site Scripting (XSS) |
| What Would Seth Godin Do | Cross-Site Scripting (XSS) |
| While Loading | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WIP Incoming Lite | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Wishlist for WooCommerce Pro | Cross-Site Scripting (XSS) |
| WooCommerce Price Alert | Cross-Site Scripting (XSS) |
| WooCommerce Product Table Lite | Unauthenticated Arbitrary Shortcode Execution (BAC) & Cross-Site Scripting (XSS) |
| WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates | Cross-Site Scripting (XSS) |
| WordPress Announcement & Notification Banner Plugin – Bulletin | Cross-Site Scripting (XSS) |
| WordPress Brute Force Protection – Stop Brute Force Attacks | Cross-Site Scripting (XSS) |
| WordPress GDPR & CCPA | Unauthenticated Cross-Site Scripting (XSS) |
| WordPress Portfolio Builder – Portfolio Gallery | Cross-Site Scripting (XSS) |
| WordPress Premium Packages | Cross-Site Scripting (XSS) from add_query_arg |
| WoW Guild Armory Roster | Cross-Site Scripting (XSS) |
| WP Activity Log | Unauthenticated Cross-Site Scripting (XSS) |
| WP Agenda | Cross-Site Scripting (XSS) |
| wp auto top | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WP Course Manager | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WP e-Commerce Style Email | Cross-Site Scripting (XSS) |
| WP Find Your Nearest | Cross-Site Scripting (XSS) |
| WP Githuber MD | Cross-Site Scripting (XSS) |
| WP Job Portal | Cross-Site Scripting (XSS) |
| WP Listings Pro | Cross-Site Scripting (XSS) |
| WP Mailster | Cross-Site Scripting (XSS) |
| WP MathJax | Cross-Site Scripting (XSS) |
| WP Mermaid | Cross-Site Scripting (XSS) |
| WP MMenu Lite | Cross-Site Scripting (XSS) |
| WP PagSeguro Payments | Cross-Site Scripting (XSS) |
| WP Pocket URLs | Cross-Site Scripting (XSS) |
| WP Popup Window Maker | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WP Responsive Video | Cross-Site Scripting (XSS) |
| Wp Slide Categorywise | Cross-Site Scripting (XSS) |
| WP ULike | Cross-Site Scripting (XSS) from Widgets |
| WP Virtual Room Configurator | Cross-Site Scripting (XSS) |
| WP Visual Adverts | Cross-Site Scripting (XSS) |
| wp_automatic_widget | Cross-Site Scripting (XSS) |
| WP-Basics | Cross-Site Scripting (XSS) |
| Wp-ImageZoom | Cross-Site Scripting (XSS) |
| WP-ISPConfig 3 | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| wp-login customizer | Cross-Site Scripting (XSS) |
| WP-Strava | Cross-Site Scripting (XSS) |
| WPAdverts – Classifieds Plugin | Cross-Site Scripting (XSS) |
| WPBakery Visual Composer WHMCS Elements | Cross-Site Scripting (XSS) from void_wbwhmcse_laouts_search Shortcode |
| WPFunnels | Cross-Site Scripting (XSS) |
| WPHelpful | Cross-Site Scripting (XSS) |
| WS Form LITE | Cross-Site Scripting (XSS) from URL |
| xili-tidy-tags | Cross-Site Scripting (XSS) |
| XT Floating Cart for WooCommerce | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| YaDisk Files | Cross-Site Scripting (XSS) |
| YaDisk Files | Cross-Site Scripting (XSS) from Shortcode |
| Yahoo! WebPlayer | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Yotpo | Cross-Site Scripting (XSS) |
| Youneeq Recommendations | Cross-Site Scripting (XSS) |
| yPHPlista | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| yPHPlista | Cross-Site Scripting (XSS) |
| Zajax – Ajax Navigation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Znajdź Pracę z Praca.pl | Cross-Site Scripting (XSS) |
| 소셜 공유 버튼 By 코스모스팜 | Cross-Site Scripting (XSS) |
| 우커머스 네이버페이 | Cross-Site Scripting (XSS) from mnp_purchase Shortcode |
| 워드프레스 결제 심플페이 | Cross-Site Scripting (XSS) pafw_instant_payment Shortcode |
| 코드엠샵 소셜톡 | Cross-Site Scripting (XSS) from add_plus_friends and add_plus_talk Shortcodes |
| 活动链接推广插件 | Cross-Site Scripting (XSS) |
| WordPress Cross-Site Scripting (XSS) reported in 2023: | 2928 |
| WordPress Cross-Site Scripting (XSS) reported in 2024: | 3376 |
MANAGED WP/Woo SECURITY: WP XSS DEC 2024 – WP Cross-Site Scripting
WP XSS NOV 2024: 377 Effortless WP Cross-Site Scripting
WP XSS NOV 2024 – WP Cross-Site Scripting Managed WP/Woo Security Report Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS NOV 2024 is a +51% INCREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP…
WP XSS OCT 2024: 250 Effortless WP Cross-Site Scripting
WP XSS OCT 2024 – WP Cross-Site Scripting Managed WP/Woo Security Report Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS OCT 2024 is similarly HIGH compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security…
WP XSS SEP 2024: 251 Effortless WP Cross-Site Scripting
WP XSS SEP 2024 – WP Cross-Site Scripting Managed WP/Woo Security Report Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS SEP 2024 is a -11% DECREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP…
WP XSS AUG 2024: 283 Effortless WP Cross-Site Scripting
WP XSS AUG 2024 – WP Cross-Site Scripting Managed WP/Woo Security Report Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS AUG 2024 is a -7% DECREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP…
Table of Contents
- WP XSS DEC 2024 - WP Cross-Site Scripting
- Managed WP/Woo Security Report
- Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Scripting Patch Management.
- Today's reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order your WP Cross-Site Scripting Patch Management.
- Get security LIVEPATCH
- Stay informed
- Need managed WP security and got no clue where to start? Hire an expert. Pay a coffee per week or figure it out yourself.
- MANAGED WP/Woo SECURITY: WP XSS DEC 2024 – WP Cross-Site Scripting
- WP XSS NOV 2024: 377 Effortless WP Cross-Site Scripting
- WP XSS OCT 2024: 250 Effortless WP Cross-Site Scripting
- WP XSS SEP 2024: 251 Effortless WP Cross-Site Scripting
- WP XSS AUG 2024: 283 Effortless WP Cross-Site Scripting
