WP XSS JUN 2025 - WP Cross-Site Scripting
Managed WP/Woo Security Report
Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS JUN 2025 is a -51% DECREASE, compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, โ OR โ switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed WP Security.
Wp Xss Jun 2025: 332 Effortless Wp Cross-Site Scripting (Infographic)
The following cases made headlines PUBLICLY just last month in the WP XSS JUN 2025 & WP Cross-Site Scripting category:
| 360 Product Rotation | Cross-Site Scripting (XSS) |
| 4stats | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| aBlocks | Cross-Site Scripting (XSS) |
| Abundatrade | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Accept Donations with PayPal | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Active Products Tables for WooCommerce | Cross-Site Scripting (XSS) |
| Additional Custom Emails & Recipients for WooCommerce | Cross-Site Scripting (XSS) |
| Ads Pro Plugin | Cross-Site Scripting (XSS) |
| Advanced Cron Manager โ debug & control | Cross-Site Scripting (XSS) |
| Advanced Page Visit Counter | Cross-Site Scripting (XSS) |
| Advanced Reorder Image Text Slider | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Advance Post Prefix | Cross-Site Scripting (XSS) |
| AffiliateImporterEb | Cross-Site Scripting (XSS) |
| AffiliateImporterEb | Cross-Site Scripting (XSS) from Search |
| Affiliates Manager Google reCAPTCHA Integration | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Ajax Load More | Cross-Site Scripting (XSS) |
| Ajax Search Lite | Cross-Site Scripting (XSS) |
| Alink Tap | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| All In One SEO Pack | Cross-Site Scripting (XSS) from Post Meta Description and Canonical URL |
| AlT Monitoring | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Amazon Product in a Post | Cross-Site Scripting (XSS) |
| AM LottiePlayer | Cross-Site Scripting (XSS) from Uploaded Lottie File |
| Animated Buttons | Cross-Site Scripting (XSS) |
| Aptivada for WP | Cross-Site Scripting (XSS) |
| Arconix Shortcodes | Cross-Site Scripting (XSS) |
| ARForms Form Builder | Unauthenticated Cross-Site Scripting (XSS) |
| Audio Comments | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Auto Prune Posts | Cross-Site Scripting (XSS) |
| AWcode Toolkit | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| AWeber | Cross-Site Scripting (XSS) |
| AWEOS WP Lock | Cross-Site Scripting (XSS) |
| Awesome Gallery | Cross-Site Scripting (XSS) |
| B2i Investor Tools | Cross-Site Scripting (XSS) |
| BabelZ | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Back Button Widget | Cross-Site Scripting (XSS) |
| Backup Database | Cross-Site Scripting (XSS) |
| Badgearoo | Cross-Site Scripting (XSS) |
| Badgearoo | Cross-Site Scripting (XSS) |
| Beds24 Online Booking | Cross-Site Scripting (XSS) |
| Better Search | Cross-Site Scripting (XSS) |
| Blockspare | Cross-Site Scripting (XSS) |
| Blog2Social | Cross-Site Scripting (XSS) |
| Bloggie Theme | Cross-Site Scripting (XSS) |
| BMI Adult & Kid Calculator | Cross-Site Scripting (XSS) |
| BNS Twitter Follow Button | Cross-Site Scripting (XSS) |
| Bold Page Builder | Cross-Site Scripting (XSS) |
| Bold Page Builder | Cross-Site Scripting (XSS) |
| Bold Page Builder | Cross-Site Scripting (XSS) from additional_settings Parameter |
| Bon Toolkit | Cross-Site Scripting (XSS) |
| Booking Calendar | Cross-Site Scripting (XSS) from wpbc Shortcode |
| Broadstreet Ads | Cross-Site Scripting (XSS) |
| Buddyboss Platform | Cross-Site Scripting (XSS) from 'invitee_name' |
| bunny.net | Cross-Site Scripting (XSS) |
| Butcher Theme | Cross-Site Scripting (XSS) |
| CarDealerPress | Cross-Site Scripting (XSS) from saleclass Parameter |
| Category Widget | Cross-Site Scripting (XSS) |
| CBX Map for Google Map & OpenStreetMap | Cross-Site Scripting (XSS) |
| CC BMI Calculator | Cross-Site Scripting (XSS) |
| Change Add and Cart Button Text for WooCommerce | Cross-Site Scripting (XSS) |
| Charitable | Cross-Site Scripting (XSS) |
| ChatBot | Cross-Site Scripting (XSS) |
| Cision Block | Cross-Site Scripting (XSS) from id Parameter |
| Clasify Classified Listing | Cross-Site Scripting (XSS) |
| Clicksold IDX | Cross-Site Scripting (XSS) |
| ClipArt | Cross-Site Scripting (XSS) |
| CM Tooltip Glossary | Cross-Site Scripting (XSS) |
| Color Your Bar | Cross-Site Scripting (XSS) |
| Contact Form 7 โ PayPal & Stripe Add-on | Cross-Site Scripting (XSS) |
| Contact Form builder with drag & drop Kali Forms | Cross-Site Scripting (XSS) |
| Contact Form by WPForms | Cross-Site Scripting (XSS) from 'start_timestamp' Parameter |
| Contact Form & Lead Form Elementor Builder | Cross-Site Scripting (XSS) |
| Content Control | Cross-Site Scripting (XSS) |
| Contest Gallery | Cross-Site Scripting (XSS) from id Parameter |
| Contextual Related Posts | Cross-Site Scripting (XSS) |
| Contribuinte Checkout | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| CookieCode | Cross-Site Scripting (XSS) |
| Cost Calculator Builder | Cross-Site Scripting (XSS) |
| Cost Calculator for Elementor | Cross-Site Scripting (XSS) |
| Cost of Goods for WooCommerce | Cross-Site Scripting (XSS) |
| Countdown Timer | Cross-Site Scripting (XSS) |
| Coupons & Add and Cart by URL Links for WooCommerce | Cross-Site Scripting (XSS) |
| CP Polls | Cross-Site Scripting (XSS) |
| Crossword Compiler Puzzles | Cross-Site Scripting (XSS) |
| CSS3 Accordions for WordPress | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| CTT Expresso para WooCommerce | Cross-Site Scripting (XSS) |
| Custom Checkout Fields for WooCommerce | Cross-Site Scripting (XSS) |
| Custom Field Manager | Cross-Site Scripting (XSS) |
| Custom Login and Registration | Cross-Site Scripting (XSS) |
| CYAN Backup | Cross-Site Scripting (XSS) from General Settings |
| DELUCKS SEO | Cross-Site Scripting (XSS) |
| Ditty | Cross-Site Scripting (XSS) |
| DL Verification | Cross-Site Scripting (XSS) |
| DL Yandex Metrika | Cross-Site Scripting (XSS) |
| DoFollow Case by Case | Cross-Site Scripting (XSS) |
| Dokan Pro | Cross-Site Scripting (XSS) |
| Dot html,php,xml etc pages | Cross-Site Scripting (XSS) |
| Download Manager | Cross-Site Scripting (XSS) |
| DPEPress | Cross-Site Scripting (XSS) |
| DZS Video Gallery | Cross-Site Scripting (XSS) |
| EAN for WooCommerce | Cross-Site Scripting (XSS) |
| Easy Digital Downloads | Cross-Site Scripting (XSS) from edd_receipt Shortcode |
| Easy PayPal Buy Now Button | Cross-Site Scripting (XSS) |
| Easy Property Listings | Cross-Site Scripting (XSS) |
| Ebook Store | Cross-Site Scripting (XSS) |
| EC Authorize.net | Cross-Site Scripting (XSS) |
| EG-Series | Cross-Site Scripting (XSS) from Shortcode |
| ElementInvader Addons for Elementor | Cross-Site Scripting (XSS) |
| ELI's Related Posts Footer Links and Widget | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Email Notification on Login | Cross-Site Scripting (XSS) |
| Essential Blocks for Gutenberg | Cross-Site Scripting (XSS) from Slider and Post Carousel Widgets |
| Event Calendar | Cross-Site Scripting (XSS) |
| EventON | Missing Authorization (BAC) and Cross-Site Scripting (XSS) |
| Everest Forms | Cross-Site Scripting (XSS) |
| Exclusive Addons Elementor | Cross-Site Scripting (XSS) from Countdown Timer Widget |
| Exclusive Addons Elementor | Cross-Site Scripting (XSS) |
| Firelight Lightbox | Cross-Site Scripting (XSS) |
| Formality | Cross-Site Scripting (XSS) from align Parameter |
| Form Maker by 10Web | Cross-Site Scripting (XSS) |
| Form Maker by 10Web | Cross-Site Scripting (XSS) from Theme Title |
| Formulario de contacto SalesUp! | Cross-Site Scripting (XSS) |
| Free Shipping Bar: Amount Left for Free Shipping for WooCommerce | Cross-Site Scripting (XSS) |
| Full Screen (Page) Background Image Slideshow | Cross-Site Scripting (XSS) |
| FunnelCockpit | Cross-Site Scripting (XSS) |
| GDPR Cookie Consent | Unauthenticated Cross-Site Scripting (XSS) |
| GDPR Framework By Data443 | Cross-Site Scripting (XSS) |
| Gearside Developer Dashboard | Cross-Site Scripting (XSS) |
| Geocache Stat Bar Widget | Cross-Site Scripting (XSS) |
| GmapsMania | Cross-Site Scripting (XSS) from Shortcode |
| Goodlayers Hostel | Cross-Site Scripting (XSS) |
| Goodlayers Hotel | Cross-Site Scripting (XSS) |
| Happyforms | Cross-Site Scripting (XSS) |
| HD Quiz | Cross-Site Scripting (XSS) |
| Hot Random Image | Cross-Site Scripting (XSS) from link Parameter |
| Hustle | Cross-Site Scripting (XSS) |
| If-So Dynamic Content Personalization | Shortcode Cross-Site Scripting (XSS) |
| IGIT Related Posts With Thumb Image After Posts | Cross-Site Scripting (XSS) |
| illi Link Party! | Cross-Site Scripting (XSS) |
| Import Export For WooCommerce | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Import Social Events | Cross-Site Scripting (XSS) |
| Inline Related Posts | Cross-Site Scripting (XSS) |
| Instagram Feed | Cross-Site Scripting (XSS) from `data-plugin` Attribute |
| JavaScript Logic | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Jeg Elementor Kit | Cross-Site Scripting (XSS) from Video Button and Countdown Widgets |
| Jetpack | Cross-Site Scripting (XSS) |
| Jetpack Boost | Cross-Site Scripting (XSS) |
| JSFiddle Shortcode | Cross-Site Scripting (XSS) from Shortcode |
| JupiterX Core | Cross-Site Scripting (XSS) |
| JupiterX Core | Cross-Site Scripting (XSS) from Inline SVG |
| jwp-a11y | Cross-Site Scripting (XSS) |
| KBucket | Cross-Site Scripting (XSS) |
| KBucket | Cross-Site Scripting (XSS) |
| KiwiChat NextClient | Cross-Site Scripting (XSS) from url Parameter |
| kStats Reloaded | Cross-Site Scripting (XSS) |
| LA-Studio Element Kit for Elementor | Cross-Site Scripting (XSS) from Image Compare and Google Maps Widgets |
| LA-Studio Element Kit for Elementor | DOM-Based Cross-Site Scripting (XSS) from data-lakit-element-link Parameter |
| LearnPress | Cross-Site Scripting (XSS) |
| Legal Terms and Conditions Popup for User Login and WooCommerce Checkout โ TPUL | Cross-Site Scripting (XSS) |
| LifterLMS | Cross-Site Scripting (XSS) |
| Logo Showcase | Cross-Site Scripting (XSS) |
| MailPoet | Cross-Site Scripting (XSS) |
| Map Block Leaflet | Cross-Site Scripting (XSS) from url Parameter |
| MapFig Studio | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| MapPress Maps for WordPress | Cross-Site Scripting (XSS) from Map Settings |
| MapSVG | Cross-Site Scripting (XSS) |
| MapSVG | Cross-Site Scripting (XSS) |
| Martins Free Monetized Ad Exchange Network | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Maspik โ Spam blacklist | Cross-Site Scripting (XSS) |
| MB Custom Post Types & Custom Taxonomies | Cross-Site Scripting (XSS) |
| Mega Menu Block | Cross-Site Scripting (XSS) |
| Meks Flexible Shortcodes | Cross-Site Scripting (XSS) |
| Meow Gallery | Cross-Site Scripting (XSS) |
| Minimal Share Buttons | Cross-Site Scripting (XSS) from align Parameter |
| Mobile Contact Bar | Cross-Site Scripting (XSS) |
| Mollie Forms | Cross-Site Scripting (XSS) |
| Multilingual CMS | Cross-Site Scripting (XSS) from wpml_language_switcher Shortcode |
| Multiple Post Type Order | Cross-Site Scripting (XSS) from mpto Shortcode |
| MultiVendorX | Cross-Site Scripting (XSS) |
| My Sticky Bar | Cross-Site Scripting (XSS) |
| N360 | Splash Screen | Cross-Site Scripting (XSS) |
| Nested Pages | Cross-Site Scripting (XSS) |
| Newsletter | Cross-Site Scripting (XSS) |
| NEX-Forms โ Ultimate Form Builder | Cross-Site Scripting (XSS) |
| NextGEN Gallery | DOM-Based Cross-Site Scripting (XSS) from SimpleLightbox JavaScript Library |
| NGG Smart Image Search | Cross-Site Scripting (XSS) |
| Ninja Forms | Cross-Site Scripting (XSS) |
| Ninja Tables Pro | Cross-Site Scripting (XSS) |
| NinjaTeam Chat for Telegram | Cross-Site Scripting (XSS) from username Parameter |
| Nokaut Offers Box | Cross-Site Scripting (XSS) |
| OpenSheetMusicDisplay | Cross-Site Scripting (XSS) from className Parameter |
| Order Delivery Date for WP e-Commerce | Cross-Site Scripting (XSS) |
| PageLayer | Cross-Site Scripting (XSS) |
| PageLayer | Cross-Site Scripting (XSS) from Button Link |
| PageLayer | Cross-Site Scripting (XSS) from login_url Parameter |
| Panorama โ WordPress Project Management Plugin | Cross-Site Scripting (XSS) |
| PeoplePond | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Personizely | Cross-Site Scripting (XSS) from widgetId Parameter |
| Photo Gallery by 10Web | Cross-Site Scripting (XSS) |
| Photo Gallery โ GT3 Image Gallery & Gutenberg Block Gallery | Cross-Site Scripting (XSS) |
| Planning Center Online Giving | Cross-Site Scripting (XSS) from Shortcode |
| Plugin Oficial โ Getnet para WooCommerce | Cross-Site Scripting (XSS) |
| Plugin Oficial โ Getnet para WooCommerce | Cross-Site Scripting (XSS) |
| Podlove Podcast Publisher | Cross-Site Scripting (XSS) |
| Podlove Podcast Publisher | Cross-Site Scripting (XSS) |
| Popup box | Cross-Site Scripting (XSS) |
| Post Grid, Post Carousel, & List Category Posts โ by Smart Post Show | Cross-Site Scripting (XSS) |
| Posts Extended | Cross-Site Scripting (XSS) from post_height Parameter |
| Posts per Cat | Cross-Site Scripting (XSS) |
| Prisna GWT โ Google Website Translator | Cross-Site Scripting (XSS) |
| Product Notes Tab & Private Admin Notes for WooCommerce | Cross-Site Scripting (XSS) |
| Product Time Countdown for WooCommerce | Cross-Site Scripting (XSS) |
| Profile Builder | Cross-Site Scripting (XSS) |
| profilepro | Cross-Site Scripting (XSS) |
| Progress Bar | Cross-Site Scripting (XSS) |
| PVN Auth Popup | Cross-Site Scripting (XSS) |
| PVN Auth Popup | Cross-Site Scripting (XSS) from Shortcode |
| PWA for WP & AMP | Cross-Site Scripting (XSS) |
| Qi Blocks | Cross-Site Scripting (XSS) from Counter Block |
| Quiz Maker | Cross-Site Scripting (XSS) |
| Quran multilanguage Text & Audio | Cross-Site Scripting (XSS) |
| Raisely Donation Form | Cross-Site Scripting (XSS) from raisely_donation_form Shortcode |
| Really Simple Under Construction Page | Cross-Site Scripting (XSS) |
| Real WP Shop Lite Ajax eCommerce Shopping Cart | Cross-Site Scripting (XSS) |
| ReDi Restaurant Reservation | Cross-Site Scripting (XSS) |
| RegistrationMagic | Cross-Site Scripting (XSS) |
| Relevanssi | Unauthenticated Cross-Site Scripting (XSS) from Search Highlights |
| Responsive Gallery Grid | Cross-Site Scripting (XSS) |
| Responsive Lightbox | Cross-Site Scripting (XSS) |
| Robo Gallery | Cross-Site Scripting (XSS) |
| Robo Gallery | Cross-Site Scripting (XSS) |
| Robo Gallery | Cross-Site Scripting (XSS) |
| Royal Elementor Addons | Cross-Site Scripting (XSS) |
| RS WP Book Showcase | Cross-Site Scripting (XSS) |
| S3Player โ WooCommerce & Elementor Integration | Cross-Site Scripting (XSS) |
| Sailthru Triggermail | Cross-Site Scripting (XSS) |
| Salon booking system | Cross-Site Scripting (XSS) |
| School Management | Cross-Site Scripting (XSS) |
| Section Widget | Cross-Site Scripting (XSS) |
| SendPulse Email Marketing Newsletter | Cross-Site Scripting (XSS) |
| SEO Flow by LupsOnline | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ShayanWeb Admin FontChanger | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Show All Comments | Cross-Site Scripting (XSS) |
| Simple Basic Contact Form | Cross-Site Scripting (XSS) |
| Simple Blog Stats | Cross-Site Scripting (XSS) |
| Simple Job Board | Cross-Site Scripting (XSS) |
| Simplelightbox | DOM-Based Cross-Site Scripting (XSS) from SimpleLightbox JavaScript Library |
| Simple Lightbox | Cross-Site Scripting (XSS) |
| Simple Shopping Cart | Cross-Site Scripting (XSS) from Shortcode |
| Sitewide Discount for WooCommerce: Apply Discount and All Products | Cross-Site Scripting (XSS) |
| SKT Blocks | Cross-Site Scripting (XSS) |
| SKT Skill Bar | Cross-Site Scripting (XSS) |
| Slim SEO | Cross-Site Scripting (XSS) from slim_seo_breadcrumbs Shortcode |
| Smart Forms | Cross-Site Scripting (XSS) |
| Smooth Gallery Replacement | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| SMS Alert Order Notifications โ WooCommerce | Cross-Site Scripting (XSS) from sa_verify Shortcode |
| Social Media & Share Icons | Cross-Site Scripting (XSS) |
| Social Pug | Cross-Site Scripting (XSS) |
| Social Slider Feed | Cross-Site Scripting (XSS) from Widgets |
| Spiraclethemes Site Library | Cross-Site Scripting (XSS) |
| Spiritual Gifts Survey | Unauthenticated Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Stylish Price List | Cross-Site Scripting (XSS) |
| Submission DOM tracking for Contact Form 7 | Cross-Site Scripting (XSS) |
| Subpage List | Cross-Site Scripting (XSS) |
| Supertext Translation and Proofreading | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| SureForms | Cross-Site Scripting (XSS) |
| SurveyJS | Cross-Site Scripting (XSS) from id Parameter |
| TablePress | DOM-Based Cross-Site Scripting (XSS) from Multiple Parameters |
| tagDiv Composer | Cross-Site Scripting (XSS) from Multiple Shortcodes |
| tarteaucitron.js for WordPress | Cross-Site Scripting (XSS) |
| tarteaucitron.js for WordPress | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| Taxonomy Chain Menu | Cross-Site Scripting (XSS) from pn_chain_menu Shortcode |
| Team | Cross-Site Scripting (XSS) |
| The Events Calendar | Cross-Site Scripting (XSS) |
| theMarketer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Theme Blvd Sliders | Cross-Site Scripting (XSS) |
| The Ultimate WordPress Toolkit โ WP Extended | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Time Clock | Cross-Site Scripting (XSS) |
| TI WooCommerce Wishlist | Cross-Site Scripting (XSS) |
| TNC FlipBook | Cross-Site Scripting (XSS) |
| Top 10 | Cross-Site Scripting (XSS) |
| Tournamatch | Cross-Site Scripting (XSS) |
| Tracking Code Manager | Cross-Site Scripting (XSS) |
| Travelpayouts | Cross-Site Scripting (XSS) |
| Ultimate Blocks | Cross-Site Scripting (XSS) |
| Ultimate Blocks | Cross-Site Scripting (XSS) |
| Ultimate Noindex Nofollow Tool II | Cross-Site Scripting (XSS) |
| UltraAddons Elementor Lite | Cross-Site Scripting (XSS) |
| Uncanny Toolkit for LearnDash | Cross-Site Scripting (XSS) |
| User Login History | Cross-Site Scripting (XSS) |
| User Meta | Cross-Site Scripting (XSS) |
| VerticalResponse Newsletter Widget | Cross-Site Scripting (XSS) |
| VikBooking Hotel Booking Engine & PMS | Cross-Site Scripting (XSS) |
| Visual Composer Website Builder | Cross-Site Scripting (XSS) |
| Volunteer Sign Up Sheets | Cross-Site Scripting (XSS) |
| Weluka Lite | Cross-Site Scripting (XSS) |
| Widget Countdown | Cross-Site Scripting (XSS) |
| Wishlist for WooCommerce | Cross-Site Scripting (XSS) |
| WolfNet IDX | Cross-Site Scripting (XSS) |
| Woobox | Cross-Site Scripting (XSS) |
| Woobox | Cross-Site Scripting (XSS) |
| WooCommerce | PostMessage-Based Cross-Site Scripting (XSS) |
| WOOEXIM | Cross-Site Scripting (XSS) |
| WordPress่ฟๆฅๅพฎๅ | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| WPAdverts | Cross-Site Scripting (XSS) |
| WP Attachments | Cross-Site Scripting (XSS) from attachment_id Parameter |
| WPBakery Visual Composer WHMCS Elements | Cross-Site Scripting (XSS) |
| WPCHURCH | Cross-Site Scripting (XSS) |
| WP Content Copy Protection & No Right Click (premium) | Cross-Site Scripting (XSS) |
| WP Content Security Plugin | Unauthenticated Cross-Site Scripting (XSS) from CSP-Report Fields |
| WP DeskLite | Cross-Site Scripting (XSS) |
| WP Discord Invite | Cross-Site Scripting (XSS) |
| WP DPE-GES | Cross-Site Scripting (XSS) |
| WP ERP | Cross-Site Scripting (XSS) |
| WP Front User Submit / Front Editor | Cross-Site Scripting (XSS) |
| WP Google Map Plugin | Cross-Site Scripting (XSS) |
| WP Google Review Slider | Cross-Site Scripting (XSS) |
| WP Image Mask | Cross-Site Scripting (XSS) |
| WP jQuery DataTable | Cross-Site Scripting (XSS) |
| WP jQuery Lightbox | Cross-Site Scripting (XSS) |
| WP-Members | Cross-Site Scripting (XSS) from wpmem_user_memberships Shortcode |
| WP Notes Widget | Cross-Site Scripting (XSS) |
| WP Post Modules for Elementor | Cross-Site Scripting (XSS) |
| WP SEO Structured Data Schema | Cross-Site Scripting (XSS) from Plugin Settings |
| WP SMTP | Unauthenticated Cross-Site Scripting (XSS) from Email |
| WP YouTube Video Optimizer | Cross-Site Scripting (XSS) |
| WZ Followed Posts Display what visitors are reading | Cross-Site Scripting (XSS) |
| X Addons for Elementor | Cross-Site Scripting (XSS) |
| Xavin's List Subpages | Cross-Site Scripting (XSS) |
| Xavin's Review Ratings | Cross-Site Scripting (XSS) |
| xili-tidy-tags | Cross-Site Scripting (XSS) |
| Xpro Addons For Beaver Builder – Lite | Cross-Site Scripting (XSS) |
| Z-Downloads | Unauthenticated Cross-Site Scripting (XSS) |
| Z-Downloads | Cross-Site Scripting (XSS) from SVG Upload |
| WordPress Cross-Site Scripting (XSS) reported in 2023: | 2928 |
| WordPress Cross-Site Scripting (XSS) reported in 2024: | 3806 |
| WordPress Cross-Site Scripting (XSS) reported in 2025: | 3243 |
MANAGED WP/Woo SECURITY: WP XSS JUN 2025 โ WP Cross-Site Scripting
WP XSS MAY 2025: 677(!) Effortless WP Cross-Site Scripting (infographic)
Your Email (double opt-in) Vulnerability reports (monthly) ultrawp services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Agree with the privacy policy
WP XSS APR 2025: 404(!) Effortless WP Cross-Site Scripting
Your Email (double opt-in) Vulnerability reports (monthly) ultrawp services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Agree with the privacy policy
WP XSS MAR 2025: 443 Effortless WP Cross-Site Scripting
Your Email (double opt-in) Vulnerability reports (monthly) ultrawp services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Agree with the privacy policy
WP XSS FEB 2025: 957(!) Effortless WP Cross-Site Scripting
Your Email (double opt-in) Vulnerability reports (monthly) ultrawp services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Agree with the privacy policy
Table of Contents
- WP XSS JUN 2025 - WP Cross-Site Scripting
- Managed WP/Woo Security Report
- Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Scripting Patch Management.
- Today's reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order your WP Cross-Site Scripting Patch Management.
- Get security LIVEPATCH
- Stay informed
- Need managed WP security and got no clue where to start? Hire an expert. Pay a coffee per week or figure it out yourself.
- MANAGED WP/Woo SECURITY: WP XSS JUN 2025 โ WP Cross-Site Scripting
- WP XSS MAY 2025: 677(!) Effortless WP Cross-Site Scripting (infographic)
- WP XSS APR 2025: 404(!) Effortless WP Cross-Site Scripting
- WP XSS MAR 2025: 443 Effortless WP Cross-Site Scripting
- WP XSS FEB 2025: 957(!) Effortless WP Cross-Site Scripting
