WP XSS NOV 2024 - WP Cross-Site Scripting
Managed WP/Woo Security Report
Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS NOV 2024 is a +51% INCREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed WP Security.
The following cases made headlines PUBLICLY just last month in the WP XSS NOV 2024 & WP Cross-Site Scripting category:
10Web Social Post Feed | Cross-Site Scripting (XSS) |
123.chat | Unauthenticated Cross-Site Scripting (XSS) |
2D Tag Cloud | Cross-Site Scripting (XSS) from add_query_arg Parameter |
AB Categories Search Widget | Cross-Site Scripting (XSS) |
Accordion Slider | Cross-Site Scripting (XSS) |
ACL Floating Cart for WooCommerce | Cross-Site Scripting (XSS) |
Add Categories Post Footer | Cross-Site Scripting (XSS) |
Add Widget After Content | Cross-Site Scripting (XSS) |
ADIF Log Search Widget | Cross-Site Scripting (XSS) |
Ad Inserter | Cross-Site Scripting (XSS) |
Admin Management Xtended | Cross-Site Scripting (XSS) |
Ads.txt & App-ads.txt Manager for WordPress | Cross-Site Scripting (XSS) |
Advanced Blocks Pro | Cross-Site Scripting (XSS) |
Advanced Category and Custom Taxonomy Image | Cross-Site Scripting (XSS) from ad_tax_image Shortcode |
Advanced Custom Fields | Cross-Site Scripting (XSS) |
Advanced Custom Fields PRO | Cross-Site Scripting (XSS) |
Advanced Sermons | Cross-Site Scripting (XSS) |
Affiliate Platform | Cross-Site Scripting (XSS) |
affiliate-toolkit | Cross-Site Scripting (XSS) from atkp_product Shortcode |
AffiliateX | Cross-Site Scripting (XSS) |
Aggregator Advanced Settings | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Agile Video Player Lite | Cross-Site Scripting (XSS) |
Ahmeti Wp Timeline | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Ajax Custom CSS and JS | Cross-Site Scripting (XSS) |
Ajax Load More | Cross-Site Scripting (XSS) from button_label Parameter |
Akismet htaccess writer | Cross-Site Scripting (XSS) |
Alley Elementor Widget | Cross-Site Scripting (XSS) |
All in One Slider | Cross-Site Scripting (XSS) |
Amilia Store | Cross-Site Scripting (XSS) |
Anchor Episodes Index (Spotify for Podcasters) | Cross-Site Scripting (XSS) |
Ancient World Linked Data | Cross-Site Scripting (XSS) |
Animator | Cross-Site Scripting (XSS) |
Arconix Shortcodes | Cross-Site Scripting (XSS) from Shortcode |
Arconix Shortcodes | Cross-Site Scripting (XSS) from box Shortcode |
Arkhe Blocks | Cross-Site Scripting (XSS) |
Astra Widgets | Cross-Site Scripting (XSS) |
Auto Amazon Links | Cross-Site Scripting (XSS) |
Auto Featured Image from Title | Cross-Site Scripting (XSS) |
Auto iFrame | Cross-Site Scripting (XSS) from tag Parameter |
AVChat Video Chat | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
AVIF & SVG Uploader | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Awesome Buttons | Cross-Site Scripting (XSS) |
Awesome Contact Form7 for Elementor | Cross-Site Scripting (XSS) |
Bamazoo Button Generator | Cross-Site Scripting (XSS) |
Banner Slider | Cross-Site Scripting (XSS) |
Beaver Builder | Cross-Site Scripting (XSS) |
Beaver Builder | DOM-Based Cross-Site Scripting (XSS) from Button Widget |
Beek Widget Extention | Cross-Site Scripting (XSS) |
BerqWP | Cross-Site Scripting (XSS) |
Better Author Bio | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Bet WC 2018 Russia | Cross-Site Scripting (XSS) |
Black Widgets For Elementor | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
BlockMeister – Block Pattern Builder | Cross-Site Scripting (XSS) |
Booking Calendar | Cross-Site Scripting (XSS) |
Booking.com Banner Creator | Cross-Site Scripting (XSS) |
BP Member Type Manager | Cross-Site Scripting (XSS) |
Branding | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Breeze | Cross-Site Scripting (XSS) |
Broken Link Checker | Cross-Site Scripting (XSS) |
BuddyPress Docs | Cross-Site Scripting (XSS) |
BuddyPress Greeting Message | Cross-Site Scripting (XSS) |
Button contact VR | Cross-Site Scripting (XSS) |
bVerse Convert | Cross-Site Scripting (XSS) |
Campus Explorer Widget | Cross-Site Scripting (XSS) |
Captcha Bank | Cross-Site Scripting (XSS) |
Category and Taxonomy Image | Cross-Site Scripting (XSS) |
Category and Taxonomy Meta Fields | Cross-Site Scripting (XSS) |
Category and Taxonomy Meta Fields | Cross-Site Scripting (XSS) |
Category Icon | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
chatplusjp | Cross-Site Scripting (XSS) |
Checkout Field Editor (Checkout Manager) for WooCommerce | Cross-Site Scripting (XSS) from render_review_request_notice |
Church Admin | Cross-Site Scripting (XSS) |
CJ Change Howdy | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Click to Chat – WP Support All-in-One Floating Widget | Cross-Site Scripting (XSS) from wpsaio_snapchat Shortcode |
Click to Chat – WP Support All-in-One Floating Widget | Cross-Site Scripting (XSS) |
Client Power Tools Portal | Cross-Site Scripting (XSS) |
Clio Grow | Cross-Site Scripting (XSS) |
CMSMasters Content Composer | Cross-Site Scripting (XSS) from Shortcode |
CM Tooltip Glossary | Cross-Site Scripting (XSS) |
Code Embed | Cross-Site Scripting (XSS) |
Code Generate | Cross-Site Scripting (XSS) |
CodePen Embedded Pens Shortcode | Cross-Site Scripting (XSS) |
Community by PeepSo | Cross-Site Scripting (XSS) |
Compact WP Audio Player | Cross-Site Scripting (XSS) from sc_embed_player Shortcode |
Conditional Fields for Contact Form 7 | Cross-Site Scripting (XSS) |
Contact Form 7 – PayPal & Stripe Add-on | Cross-Site Scripting (XSS) |
Contact Form 7 - Repeatable Fields | Cross-Site Scripting (XSS) from field_group Shortcode |
Contact Form by Supsystic | Cross-Site Scripting (XSS) |
Cooked Pro | Cross-Site Scripting (XSS) |
Cookie Scanner | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Coub | Cross-Site Scripting (XSS) |
Countdown & Clock | Cross-Site Scripting (XSS) |
Country Flags for Elementor | Cross-Site Scripting (XSS) |
Cozy Blocks | Cross-Site Scripting (XSS) |
Cozy Blocks | Cross-Site Scripting (XSS) |
Crazy Call To Action Box | Cross-Site Scripting (XSS) |
cSlider | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Curator.io | Cross-Site Scripting (XSS) |
CURCY | Cross-Site Scripting (XSS) |
Custom Add to Cart Button Label and Link | Cross-Site Scripting (XSS) |
Custom Banners | Cross-Site Scripting (XSS) |
Custom Twitter Feeds (Tweets Widget) | Cross-Site Scripting (XSS) |
CWD 3D Image Gallery | Cross-Site Scripting (XSS) |
Da Reactions | Cross-Site Scripting (XSS) |
DearFlip | Cross-Site Scripting (XSS) |
Debrandify | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Demo Importer Plus | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Digitally Theme | Cross-Site Scripting (XSS) |
disconnected Theme | Cross-Site Scripting (XSS) |
Discount Rules for WooCommerce | Cross-Site Scripting (XSS) |
Display Medium Posts | Cross-Site Scripting (XSS) from display_medium_posts Shortcode |
DK PDF | Cross-Site Scripting (XSS) |
DocumentPress | Cross-Site Scripting (XSS) |
Download Manager | Cross-Site Scripting (XSS) |
Download Plugins and Themes from Dashboard | Cross-Site Scripting (XSS) |
DPD Baltic Shipping | Cross-Site Scripting (XSS) |
Easy Addons for Elementor | Cross-Site Scripting (XSS) |
Easy Demo Importer | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Easy Load More | Cross-Site Scripting (XSS) |
Easy Menu Manager | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Easy PayPal Gift Certificate | Cross-Site Request Forgery to Cross-Site Scripting (XSS) |
Easy Post Types | Cross-Site Scripting (XSS) from Post Meta |
Easy Pricing Tables | Cross-Site Scripting (XSS) |
Easy Social Share Buttons | Cross-Site Scripting (XSS) |
Editor Custom Color Palette | Cross-Site Scripting (XSS) |
Edit WooCommerce Templates | Cross-Site Scripting (XSS) from page |
Edwiser Bridge | Cross-Site Scripting (XSS) |
Elastik Page Builder | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Elemenda | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
ElementInvader Addons for Elementor | Cross-Site Scripting (XSS) |
Elementor Inline SVG | Cross-Site Scripting (XSS) |
Elements kit Elementor addons | Cross-Site Scripting (XSS) |
ElementsReady Addons for Elementor | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
El mejor Cluster | Cross-Site Scripting (XSS) |
Email Template Customizer for WooCommerce | Cross-Site Scripting (XSS) |
Embed PDF Viewer | Cross-Site Scripting (XSS) |
EmbedPress | Cross-Site Scripting (XSS) |
Embed videos and respect privacy | Cross-Site Scripting (XSS) |
Encyclopedia and Glossary and Wiki | Cross-Site Scripting (XSS) |
Endless Posts Navigation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Envo's Elementor Templates & Widgets for WooCommerce | Cross-Site Scripting (XSS) |
Event Manager for WooCommerce | Cross-Site Scripting (XSS) |
EventPrime | Unauthenticated Cross-Site Scripting (XSS) |
EventPrime | Unauthenticated Cross-Site Scripting (XSS) |
Events Addon for Elementor | Cross-Site Scripting (XSS) |
Exclusive Addons Elementor | Cross-Site Scripting (XSS) |
Extra Privacy for Elementor | Cross-Site Scripting (XSS) |
Extra Product Options Builder for WooCommerce | Unauthenticated Cross-Site Scripting (XSS) |
Featured Posts with Multiple Custom Groups (FPMCG) | Cross-Site Scripting (XSS) |
File Upload (BAC) Types | Cross-Site Scripting (XSS) |
Firelight Lightbox | Cross-Site Scripting (XSS) |
Fish and Ships | Cross-Site Scripting (XSS) |
Flat UI Button | Cross-Site Scripting (XSS) from flatbtn Shortcode |
Flexmls® IDX | Cross-Site Scripting (XSS) |
FluentForm | Cross-Site Scripting (XSS) |
Fonto | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Forms for Mailchimp by Optin Cat | Cross-Site Scripting (XSS) from Form Color Parameters |
Forms for Mailchimp by Optin Cat | Cross-Site Scripting (XSS) |
FULL Customer | Cross-Site Scripting (XSS) |
Futurio Extra | Cross-Site Scripting (XSS) |
Gantry 4 Framework | Cross-Site Scripting (XSS) |
GDPR-Extensions-com | Cross-Site Scripting (XSS) |
GeoDirectory | Cross-Site Scripting (XSS) |
Geo Mashup | Cross-Site Scripting (XSS) from geo_mashup_visible_posts_list Shortcode |
GetResponse Forms | Cross-Site Scripting (XSS) |
G Meta Keywords | Cross-Site Scripting (XSS) |
Google Docs RSVP | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
GoogleDrive folder list | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Google Language Translator | Cross-Site Scripting (XSS) |
Google Map Locations | Cross-Site Scripting (XSS) |
Gravity Forms Toolbar | Cross-Site Scripting (XSS) |
Guten Post Layout | Cross-Site Scripting (XSS) from align Attribute |
HT Team Member | Cross-Site Scripting (XSS) from htteamember Shortcode |
Hyperlink Group Block | Cross-Site Scripting (XSS) |
Ibtana | Cross-Site Scripting (XSS) from align Attribute |
ID-SK Toolkit | Cross-Site Scripting (XSS) |
ID-SK Toolkit | Cross-Site Scripting (XSS) |
Image Map Pro | Cross-Site Scripting (XSS) |
ImagePress | Cross-Site Scripting (XSS) from Plugin Settings |
Import and export users and customers | Cross-Site Scripting (XSS) |
Increase upload file size & Maximum Execution Time limit | Cross-Site Scripting (XSS) |
Interactive World Map | Cross-Site Scripting (XSS) |
Jigoshop – Store Exporter | Cross-Site Scripting (XSS) |
jLayer Parallax Slider | Cross-Site Scripting (XSS) |
js paper Theme | Cross-Site Scripting (XSS) |
Kama SpamBlock | Cross-Site Scripting (XSS) |
Kata Plus | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Kata Plus | Cross-Site Scripting (XSS) |
Kodex Posts likes | Cross-Site Scripting (XSS) |
Language Switcher | Cross-Site Scripting (XSS) |
LaTeX2HTML | Cross-Site Scripting (XSS) |
League of Legends Shortcodes | Cross-Site Scripting (XSS) from Shortcode |
leenk.me | Cross-Site Scripting (XSS) |
LH Copy Media File | Cross-Site Scripting (XSS) |
Lightbox slider – Responsive Lightbox Gallery | Cross-Site Scripting (XSS) |
Local Business Addons For Elementor | Cross-Site Scripting (XSS) |
LocateAndFilter | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Locatoraid Store Locator | Cross-Site Scripting (XSS) |
Loggedin | Cross-Site Scripting (XSS) |
Login Logout Shortcode | Cross-Site Scripting (XSS) from class Parameter |
Logo Slider | Cross-Site Scripting (XSS) |
Magazine Blocks | Cross-Site Scripting (XSS) |
Magazine Blocks | Cross-Site Scripting (XSS) |
Marketing and SEO Booster | Cross-Site Scripting (XSS) |
MAS Companies For WP Job Manager | Cross-Site Scripting (XSS) |
MAS Elementor | Cross-Site Scripting (XSS) |
Masteriyo - LMS | Cross-Site Scripting (XSS) |
Maximum Products per User for WooCommerce | Cross-Site Scripting (XSS) |
MC4WP: Mailchimp Top Bar | Cross-Site Scripting (XSS) |
Mega Elements | Cross-Site Scripting (XSS) |
Memberful | Cross-Site Scripting (XSS) |
Mighty Builder | Cross-Site Scripting (XSS) |
Mitm Bug Tracker | Cross-Site Scripting (XSS) |
Monitor.chat | Cross-Site Scripting (XSS) |
Monkee-Boy Essentials | Cross-Site Scripting (XSS) |
Movie Database | Cross-Site Scripting (XSS) |
myCred Elementor | Cross-Site Scripting (XSS) |
My Favorites | Cross-Site Scripting (XSS) |
my flatonica Theme | Cross-Site Scripting (XSS) |
Mynx Page Builder | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
my wooden under construction Theme | Cross-Site Scripting (XSS) |
Namaste! LMS | Cross-Site Scripting (XSS) |
Namaste! LMS | Cross-Site Scripting (XSS) |
Namaste! LMS | Cross-Site Scripting (XSS) |
Newsletters | Cross-Site Scripting (XSS) from newsletters_video Shortcode |
Nexter Blocks | Cross-Site Scripting (XSS) |
Ninja Forms | Cross-Site Scripting (XSS) |
Ninja Forms | Cross-Site Scripting (XSS) |
Nioland Theme | Cross-Site Scripting (XSS) |
Omnipress | Cross-Site Scripting (XSS) |
Optin Hound | Cross-Site Scripting (XSS) from add_query_arg Parameter |
Paid Member Subscriptions | Cross-Site Scripting (XSS) |
Parallax Image | Cross-Site Scripting (XSS) from dd-parallax Shortcode |
Parcel Pro | Cross-Site Scripting (XSS) |
PDF Generator Addon for Elementor Page Builder | Cross-Site Scripting (XSS) |
PDF Image Generator | Cross-Site Scripting (XSS) |
PeproDev Ultimate Invoice | Cross-Site Scripting (XSS) |
Persian Woocommerce SMS | Cross-Site Scripting (XSS) |
Photo Gallery by 10Web | Cross-Site Scripting (XSS) |
Pinpoint Booking System | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Plexx Elementor Extension | Cross-Site Scripting (XSS) |
Poll Maker | Cross-Site Scripting (XSS) |
Popularis Extra | Cross-Site Scripting (XSS) |
Post Grid and Gutenberg Blocks | Cross-Site Scripting (XSS) |
Post Grid, Post Carousel, & List Category Posts – by Smart Post Show | Cross-Site Scripting (XSS) from Pagination Color |
Post Status Notifier Lite | Cross-Site Scripting (XSS) from page |
Post Status Notifier Premium | Cross-Site Scripting (XSS) from page |
PostX | Cross-Site Scripting (XSS) |
PostX | Cross-Site Scripting (XSS) |
PowerPress Podcasting | Cross-Site Scripting (XSS) |
Premium Addons for Elementor | DOM-Based Cross-Site Scripting (XSS) from Video Box Widget |
Pricer Ninja | Cross-Site Scripting (XSS) |
Primary Addon for Elementor | Cross-Site Scripting (XSS) |
PriPre | Cross-Site Scripting (XSS) |
Product Customizer Light | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Product Delivery Date for WooCommerce – Lite | Cross-Site Scripting (XSS) |
Products, Order & Customers Export for WooCommerce | Cross-Site Scripting (XSS) |
PublishPress Revisions | Cross-Site Scripting (XSS) |
PWA | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
QS Dark Mode | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Quantity Dynamic Pricing & Bulk Discounts for WooCommerce | Cross-Site Scripting (XSS) |
RabbitLoader | Cross-Site Scripting (XSS) |
R Animated Icon | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Raptor Editor | Cross-Site Scripting (XSS) |
ReDi Restaurant Reservation | Cross-Site Scripting (XSS) |
Relevanssi | Cross-Site Scripting (XSS) |
Relogo | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Rescue Shortcodes | Cross-Site Scripting (XSS) from Shortcode |
Responsive Lightbox | Cross-Site Scripting (XSS) |
Restaurant Reservations Widget | Cross-Site Scripting (XSS) |
Re:WP | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Risk Warning Bar | Cross-Site Scripting (XSS) |
Robo Gallery | Cross-Site Scripting (XSS) |
Royal Elementor Addons | Cross-Site Scripting (XSS) from Team Member Widget |
RSS Feed Widget | Cross-Site Scripting (XSS) from rfw-youtube-videos Shortcode |
RumbleTalk Live Group Chat | Cross-Site Scripting (XSS) |
Scrollbar by webxapp – Best vertical and horizontal scrollbars plugin | Cross-Site Scripting (XSS) |
Selection Lite | Cross-Site Scripting (XSS) |
SendPulse Free Web Push | Unauthenticated Cross-Site Scripting (XSS) |
SEO Manager | Cross-Site Scripting (XSS) from Post Meta |
SEOPress | Cross-Site Scripting (XSS) |
SEUR Oficial | Cross-Site Scripting (XSS) |
ShiftController Employee Shift Scheduling | Cross-Site Scripting (XSS) |
Shortcode For Elementor Templates | Cross-Site Scripting (XSS) |
Shortcodes and extra features for Phlox theme | Cross-Site Scripting (XSS) from Modern Heading and Icon Picker Widgets |
Shortcodes Ultimate | DOM-Based Cross-Site Scripting (XSS) |
Shoutcast Icecast HTML5 Radio Player | Cross-Site Scripting (XSS) |
Simple Baseball Scoreboard | Cross-Site Scripting (XSS) |
Simple Custom Admin | Cross-Site Scripting (XSS) |
Simple Load More | Cross-Site Scripting (XSS) |
Simple News | Cross-Site Scripting (XSS) from news Shortcode |
Simple Testimonials Showcase | Cross-Site Scripting (XSS) |
Simply Schedule Appointments | Cross-Site Scripting (XSS) |
Simply Schedule Appointments | Cross-Site Scripting (XSS) |
Sirv | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
SKT Blocks – Gutenberg based Page Builder | Cross-Site Scripting (XSS) |
Sky Addons for Elementor | Cross-Site Scripting (XSS) |
Slider Revolution | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Slimstat Analytics | Unauthenticated Cross-Site Scripting (XSS) |
Smart Blocks | Cross-Site Scripting (XSS) |
Smart Custom 404 Error Page | Cross-Site Scripting (XSS) |
Smart Online Order for Clover | Cross-Site Scripting (XSS) from moo_receipt_link Shortcode |
Smart Online Order for Clover | Cross-Site Scripting (XSS) |
SMS Alert Order Notifications – WooCommerce | Cross-Site Scripting (XSS) from sa_subscribe Shortcode |
Social Share Buttons | Cross-Site Scripting (XSS) |
Social Share With Floating Bar | Cross-Site Scripting (XSS) |
Social Sharing (by Danny) | Cross-Site Scripting (XSS) from Shortcode |
Stars Testimonials | Cross-Site Scripting (XSS) from stars_testimonials Shortcode |
StreamWeasels Twitch Integration | Cross-Site Scripting (XSS) from sw-twitch-embed Shortcode |
StreamWeasels YouTube Integration | Cross-Site Scripting (XSS) from sw-youtube-embed Shortcode |
Subscribe to Comments | Cross-Site Scripting (XSS) |
Suki Sites Import | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
Survey Maker | Cross-Site Scripting (XSS) |
Survey Maker | Cross-Site Scripting (XSS) |
SVG Captcha | Cross-Site Scripting (XSS) |
SVG Complete | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
SW Kick Integration | Cross-Site Scripting (XSS) from sw-kick-embed Shortcode |
TablePress | Cross-Site Scripting (XSS) |
Tainacan | Cross-Site Scripting (XSS) |
T(-) Countdown | Cross-Site Scripting (XSS) from Shortcode |
Terms descriptions | Cross-Site Scripting (XSS) |
Textboxes | Cross-Site Scripting (XSS) |
ThemeHunk | Cross-Site Scripting (XSS) |
Themes4WP YouTube External Subtitles | Cross-Site Scripting (XSS) |
Themesflat Addons For Elementor | Cross-Site Scripting (XSS) |
Themify Builder | Cross-Site Scripting (XSS) |
The Ultimate WordPress Toolkit – WP Extended | Cross-Site Scripting (XSS) |
Tida URL Screenshot | Cross-Site Scripting (XSS) |
Time Slot | Cross-Site Scripting (XSS) |
TinyMCE | Cross-Site Scripting (XSS) |
Tito | Cross-Site Scripting (XSS) |
Todo Custom Field | Cross-Site Scripting (XSS) |
Trip Plan | Cross-Site Scripting (XSS) |
uCAT – Next Story | Cross-Site Scripting (XSS) |
Ultimate Member | Cross-Site Scripting (XSS) |
UltraAddons Elementor Lite | Cross-Site Scripting (XSS) |
Unlimited Addon For Elementor | Cross-Site Scripting (XSS) |
VKontakte Wall Post | Cross-Site Scripting (XSS) |
Web Bricks Addons for Elementor | Cross-Site Scripting (XSS) |
WeChat Subscribers Lite | Cross-Site Scripting (XSS) |
Whitelist | Cross-Site Scripting (XSS) |
Widget or Sidebar Shortcode | Cross-Site Scripting (XSS) from Shortcode |
WooCommerce Maintenance Mode | Cross-Site Scripting (XSS) |
WooCommerce Multilingual & Multicurrency | Cross-Site Scripting (XSS) |
WooCommerce – Store Exporter | Cross-Site Scripting (XSS) |
Woo Manage Fraud Orders | Cross-Site Scripting (XSS) |
WordPress Meta Data and Taxonomies Filter (MDTF) | Cross-Site Scripting (XSS) |
WordPress Portfolio Builder – Portfolio Gallery | Cross-Site Scripting (XSS) |
WordPress Video | Cross-Site Scripting (XSS) |
WP Abstracts | Cross-Site Scripting (XSS) |
WP Adminify | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
WPAdverts – Classifieds Plugin | Unauthenticated Cross-Site Scripting (XSS) from adverts_add Shortcode |
WP Awesome Login | Cross-Site Scripting (XSS) |
WP Baidu Map | Cross-Site Scripting (XSS) from Shortcode |
WP Blocks Hub | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
WP Builder | Cross-Site Scripting (XSS) |
WP Cleanup and Basic Functions | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
WP Crowdfunding | Cross-Site Scripting (XSS) |
WP Education | Cross-Site Scripting (XSS) |
WP ERP | Cross-Site Scripting (XSS) |
WP Flow Plus | Cross-Site Scripting (XSS) |
WPKoi Templates for Elementor | Cross-Site Scripting (XSS) |
WP-Members | Cross-Site Scripting (XSS) from wpmem_loginout Shortcode |
WP-Members | Cross-Site Scripting (XSS) |
WP Photo Album Plus | Cross-Site Scripting (XSS) |
wpPricing Builder | Cross-Site Scripting (XSS) |
WP Recipe Maker | DOM-Based Cross-Site Scripting (XSS) from 'tooltip' |
WP Search Analytics | Cross-Site Scripting (XSS) |
WP show more | Cross-Site Scripting (XSS) |
WP-Spreadplugin | Cross-Site Scripting (XSS) |
WP Ultimate Post Grid | Cross-Site Scripting (XSS) |
Wsify Widget | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
XO Slider | Cross-Site Scripting (XSS) |
YITH WooCommerce Product Add-Ons | Cross-Site Scripting (XSS) |
YML for Yandex Market | Cross-Site Scripting (XSS) |
Youzify | Cross-Site Scripting (XSS) |
Zita Elementor Site Library | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
WordPress Cross-Site Scripting (XSS) reported in 2023: | 2928 |
WordPress Cross-Site Scripting (XSS) reported in 2024: | 2807 |
MANAGED WP/Woo SECURITY: WP XSS NOV 2024 – WP Cross-Site Scripting
Table of Contents
- WP XSS NOV 2024 - WP Cross-Site Scripting
- Managed WP/Woo Security Report
- Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Scripting Patch Management.
- Today's reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order your WP Cross-Site Scripting Patch Management.
- Get security LIVEPATCH
- Stay informed
- Need managed WP security and got no clue where to start? Hire an expert. Pay a coffee per week or figure it out yourself.
- MANAGED WP/Woo SECURITY: WP XSS NOV 2024 – WP Cross-Site Scripting
- WP XSS DEC 2024: 569 Effortless WP Cross-Site Scripting
- WP XSS OCT 2024: 250 Effortless WP Cross-Site Scripting
- WP XSS SEP 2024: 251 Effortless WP Cross-Site Scripting
- WP XSS AUG 2024: 283 Effortless WP Cross-Site Scripting