WP XSS NOV 2024 - WP Cross-Site Scripting
Managed WP/Woo Security Report
Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS NOV 2024 is a +51% INCREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed WP Security.
The following cases made headlines PUBLICLY just last month in the WP XSS NOV 2024 & WP Cross-Site Scripting category:
| 10Web Social Post Feed | Cross-Site Scripting (XSS) |
| 123.chat | Unauthenticated Cross-Site Scripting (XSS) |
| 2D Tag Cloud | Cross-Site Scripting (XSS) from add_query_arg Parameter |
| AB Categories Search Widget | Cross-Site Scripting (XSS) |
| Accordion Slider | Cross-Site Scripting (XSS) |
| ACL Floating Cart for WooCommerce | Cross-Site Scripting (XSS) |
| Add Categories Post Footer | Cross-Site Scripting (XSS) |
| Add Widget After Content | Cross-Site Scripting (XSS) |
| ADIF Log Search Widget | Cross-Site Scripting (XSS) |
| Ad Inserter | Cross-Site Scripting (XSS) |
| Admin Management Xtended | Cross-Site Scripting (XSS) |
| Ads.txt & App-ads.txt Manager for WordPress | Cross-Site Scripting (XSS) |
| Advanced Blocks Pro | Cross-Site Scripting (XSS) |
| Advanced Category and Custom Taxonomy Image | Cross-Site Scripting (XSS) from ad_tax_image Shortcode |
| Advanced Custom Fields | Cross-Site Scripting (XSS) |
| Advanced Custom Fields PRO | Cross-Site Scripting (XSS) |
| Advanced Sermons | Cross-Site Scripting (XSS) |
| Affiliate Platform | Cross-Site Scripting (XSS) |
| affiliate-toolkit | Cross-Site Scripting (XSS) from atkp_product Shortcode |
| AffiliateX | Cross-Site Scripting (XSS) |
| Aggregator Advanced Settings | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Agile Video Player Lite | Cross-Site Scripting (XSS) |
| Ahmeti Wp Timeline | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Ajax Custom CSS and JS | Cross-Site Scripting (XSS) |
| Ajax Load More | Cross-Site Scripting (XSS) from button_label Parameter |
| Akismet htaccess writer | Cross-Site Scripting (XSS) |
| Alley Elementor Widget | Cross-Site Scripting (XSS) |
| All in One Slider | Cross-Site Scripting (XSS) |
| Amilia Store | Cross-Site Scripting (XSS) |
| Anchor Episodes Index (Spotify for Podcasters) | Cross-Site Scripting (XSS) |
| Ancient World Linked Data | Cross-Site Scripting (XSS) |
| Animator | Cross-Site Scripting (XSS) |
| Arconix Shortcodes | Cross-Site Scripting (XSS) from Shortcode |
| Arconix Shortcodes | Cross-Site Scripting (XSS) from box Shortcode |
| Arkhe Blocks | Cross-Site Scripting (XSS) |
| Astra Widgets | Cross-Site Scripting (XSS) |
| Auto Amazon Links | Cross-Site Scripting (XSS) |
| Auto Featured Image from Title | Cross-Site Scripting (XSS) |
| Auto iFrame | Cross-Site Scripting (XSS) from tag Parameter |
| AVChat Video Chat | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| AVIF & SVG Uploader | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Awesome Buttons | Cross-Site Scripting (XSS) |
| Awesome Contact Form7 for Elementor | Cross-Site Scripting (XSS) |
| Bamazoo Button Generator | Cross-Site Scripting (XSS) |
| Banner Slider | Cross-Site Scripting (XSS) |
| Beaver Builder | Cross-Site Scripting (XSS) |
| Beaver Builder | DOM-Based Cross-Site Scripting (XSS) from Button Widget |
| Beek Widget Extention | Cross-Site Scripting (XSS) |
| BerqWP | Cross-Site Scripting (XSS) |
| Better Author Bio | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Bet WC 2018 Russia | Cross-Site Scripting (XSS) |
| Black Widgets For Elementor | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| BlockMeister – Block Pattern Builder | Cross-Site Scripting (XSS) |
| Booking Calendar | Cross-Site Scripting (XSS) |
| Booking.com Banner Creator | Cross-Site Scripting (XSS) |
| BP Member Type Manager | Cross-Site Scripting (XSS) |
| Branding | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Breeze | Cross-Site Scripting (XSS) |
| Broken Link Checker | Cross-Site Scripting (XSS) |
| BuddyPress Docs | Cross-Site Scripting (XSS) |
| BuddyPress Greeting Message | Cross-Site Scripting (XSS) |
| Button contact VR | Cross-Site Scripting (XSS) |
| bVerse Convert | Cross-Site Scripting (XSS) |
| Campus Explorer Widget | Cross-Site Scripting (XSS) |
| Captcha Bank | Cross-Site Scripting (XSS) |
| Category and Taxonomy Image | Cross-Site Scripting (XSS) |
| Category and Taxonomy Meta Fields | Cross-Site Scripting (XSS) |
| Category and Taxonomy Meta Fields | Cross-Site Scripting (XSS) |
| Category Icon | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| chatplusjp | Cross-Site Scripting (XSS) |
| Checkout Field Editor (Checkout Manager) for WooCommerce | Cross-Site Scripting (XSS) from render_review_request_notice |
| Church Admin | Cross-Site Scripting (XSS) |
| CJ Change Howdy | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Click to Chat – WP Support All-in-One Floating Widget | Cross-Site Scripting (XSS) from wpsaio_snapchat Shortcode |
| Click to Chat – WP Support All-in-One Floating Widget | Cross-Site Scripting (XSS) |
| Client Power Tools Portal | Cross-Site Scripting (XSS) |
| Clio Grow | Cross-Site Scripting (XSS) |
| CMSMasters Content Composer | Cross-Site Scripting (XSS) from Shortcode |
| CM Tooltip Glossary | Cross-Site Scripting (XSS) |
| Code Embed | Cross-Site Scripting (XSS) |
| Code Generate | Cross-Site Scripting (XSS) |
| CodePen Embedded Pens Shortcode | Cross-Site Scripting (XSS) |
| Community by PeepSo | Cross-Site Scripting (XSS) |
| Compact WP Audio Player | Cross-Site Scripting (XSS) from sc_embed_player Shortcode |
| Conditional Fields for Contact Form 7 | Cross-Site Scripting (XSS) |
| Contact Form 7 – PayPal & Stripe Add-on | Cross-Site Scripting (XSS) |
| Contact Form 7 - Repeatable Fields | Cross-Site Scripting (XSS) from field_group Shortcode |
| Contact Form by Supsystic | Cross-Site Scripting (XSS) |
| Cooked Pro | Cross-Site Scripting (XSS) |
| Cookie Scanner | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Coub | Cross-Site Scripting (XSS) |
| Countdown & Clock | Cross-Site Scripting (XSS) |
| Country Flags for Elementor | Cross-Site Scripting (XSS) |
| Cozy Blocks | Cross-Site Scripting (XSS) |
| Cozy Blocks | Cross-Site Scripting (XSS) |
| Crazy Call To Action Box | Cross-Site Scripting (XSS) |
| cSlider | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Curator.io | Cross-Site Scripting (XSS) |
| CURCY | Cross-Site Scripting (XSS) |
| Custom Add to Cart Button Label and Link | Cross-Site Scripting (XSS) |
| Custom Banners | Cross-Site Scripting (XSS) |
| Custom Twitter Feeds (Tweets Widget) | Cross-Site Scripting (XSS) |
| CWD 3D Image Gallery | Cross-Site Scripting (XSS) |
| Da Reactions | Cross-Site Scripting (XSS) |
| DearFlip | Cross-Site Scripting (XSS) |
| Debrandify | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Demo Importer Plus | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Digitally Theme | Cross-Site Scripting (XSS) |
| disconnected Theme | Cross-Site Scripting (XSS) |
| Discount Rules for WooCommerce | Cross-Site Scripting (XSS) |
| Display Medium Posts | Cross-Site Scripting (XSS) from display_medium_posts Shortcode |
| DK PDF | Cross-Site Scripting (XSS) |
| DocumentPress | Cross-Site Scripting (XSS) |
| Download Manager | Cross-Site Scripting (XSS) |
| Download Plugins and Themes from Dashboard | Cross-Site Scripting (XSS) |
| DPD Baltic Shipping | Cross-Site Scripting (XSS) |
| Easy Addons for Elementor | Cross-Site Scripting (XSS) |
| Easy Demo Importer | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Easy Load More | Cross-Site Scripting (XSS) |
| Easy Menu Manager | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Easy PayPal Gift Certificate | Cross-Site Request Forgery to Cross-Site Scripting (XSS) |
| Easy Post Types | Cross-Site Scripting (XSS) from Post Meta |
| Easy Pricing Tables | Cross-Site Scripting (XSS) |
| Easy Social Share Buttons | Cross-Site Scripting (XSS) |
| Editor Custom Color Palette | Cross-Site Scripting (XSS) |
| Edit WooCommerce Templates | Cross-Site Scripting (XSS) from page |
| Edwiser Bridge | Cross-Site Scripting (XSS) |
| Elastik Page Builder | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Elemenda | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| ElementInvader Addons for Elementor | Cross-Site Scripting (XSS) |
| Elementor Inline SVG | Cross-Site Scripting (XSS) |
| Elements kit Elementor addons | Cross-Site Scripting (XSS) |
| ElementsReady Addons for Elementor | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| El mejor Cluster | Cross-Site Scripting (XSS) |
| Email Template Customizer for WooCommerce | Cross-Site Scripting (XSS) |
| Embed PDF Viewer | Cross-Site Scripting (XSS) |
| EmbedPress | Cross-Site Scripting (XSS) |
| Embed videos and respect privacy | Cross-Site Scripting (XSS) |
| Encyclopedia and Glossary and Wiki | Cross-Site Scripting (XSS) |
| Endless Posts Navigation | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Envo's Elementor Templates & Widgets for WooCommerce | Cross-Site Scripting (XSS) |
| Event Manager for WooCommerce | Cross-Site Scripting (XSS) |
| EventPrime | Unauthenticated Cross-Site Scripting (XSS) |
| EventPrime | Unauthenticated Cross-Site Scripting (XSS) |
| Events Addon for Elementor | Cross-Site Scripting (XSS) |
| Exclusive Addons Elementor | Cross-Site Scripting (XSS) |
| Extra Privacy for Elementor | Cross-Site Scripting (XSS) |
| Extra Product Options Builder for WooCommerce | Unauthenticated Cross-Site Scripting (XSS) |
| Featured Posts with Multiple Custom Groups (FPMCG) | Cross-Site Scripting (XSS) |
| File Upload (BAC) Types | Cross-Site Scripting (XSS) |
| Firelight Lightbox | Cross-Site Scripting (XSS) |
| Fish and Ships | Cross-Site Scripting (XSS) |
| Flat UI Button | Cross-Site Scripting (XSS) from flatbtn Shortcode |
| Flexmls® IDX | Cross-Site Scripting (XSS) |
| FluentForm | Cross-Site Scripting (XSS) |
| Fonto | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Forms for Mailchimp by Optin Cat | Cross-Site Scripting (XSS) from Form Color Parameters |
| Forms for Mailchimp by Optin Cat | Cross-Site Scripting (XSS) |
| FULL Customer | Cross-Site Scripting (XSS) |
| Futurio Extra | Cross-Site Scripting (XSS) |
| Gantry 4 Framework | Cross-Site Scripting (XSS) |
| GDPR-Extensions-com | Cross-Site Scripting (XSS) |
| GeoDirectory | Cross-Site Scripting (XSS) |
| Geo Mashup | Cross-Site Scripting (XSS) from geo_mashup_visible_posts_list Shortcode |
| GetResponse Forms | Cross-Site Scripting (XSS) |
| G Meta Keywords | Cross-Site Scripting (XSS) |
| Google Docs RSVP | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| GoogleDrive folder list | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Google Language Translator | Cross-Site Scripting (XSS) |
| Google Map Locations | Cross-Site Scripting (XSS) |
| Gravity Forms Toolbar | Cross-Site Scripting (XSS) |
| Guten Post Layout | Cross-Site Scripting (XSS) from align Attribute |
| HT Team Member | Cross-Site Scripting (XSS) from htteamember Shortcode |
| Hyperlink Group Block | Cross-Site Scripting (XSS) |
| Ibtana | Cross-Site Scripting (XSS) from align Attribute |
| ID-SK Toolkit | Cross-Site Scripting (XSS) |
| ID-SK Toolkit | Cross-Site Scripting (XSS) |
| Image Map Pro | Cross-Site Scripting (XSS) |
| ImagePress | Cross-Site Scripting (XSS) from Plugin Settings |
| Import and export users and customers | Cross-Site Scripting (XSS) |
| Increase upload file size & Maximum Execution Time limit | Cross-Site Scripting (XSS) |
| Interactive World Map | Cross-Site Scripting (XSS) |
| Jigoshop – Store Exporter | Cross-Site Scripting (XSS) |
| jLayer Parallax Slider | Cross-Site Scripting (XSS) |
| js paper Theme | Cross-Site Scripting (XSS) |
| Kama SpamBlock | Cross-Site Scripting (XSS) |
| Kata Plus | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Kata Plus | Cross-Site Scripting (XSS) |
| Kodex Posts likes | Cross-Site Scripting (XSS) |
| Language Switcher | Cross-Site Scripting (XSS) |
| LaTeX2HTML | Cross-Site Scripting (XSS) |
| League of Legends Shortcodes | Cross-Site Scripting (XSS) from Shortcode |
| leenk.me | Cross-Site Scripting (XSS) |
| LH Copy Media File | Cross-Site Scripting (XSS) |
| Lightbox slider – Responsive Lightbox Gallery | Cross-Site Scripting (XSS) |
| Local Business Addons For Elementor | Cross-Site Scripting (XSS) |
| LocateAndFilter | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Locatoraid Store Locator | Cross-Site Scripting (XSS) |
| Loggedin | Cross-Site Scripting (XSS) |
| Login Logout Shortcode | Cross-Site Scripting (XSS) from class Parameter |
| Logo Slider | Cross-Site Scripting (XSS) |
| Magazine Blocks | Cross-Site Scripting (XSS) |
| Magazine Blocks | Cross-Site Scripting (XSS) |
| Marketing and SEO Booster | Cross-Site Scripting (XSS) |
| MAS Companies For WP Job Manager | Cross-Site Scripting (XSS) |
| MAS Elementor | Cross-Site Scripting (XSS) |
| Masteriyo - LMS | Cross-Site Scripting (XSS) |
| Maximum Products per User for WooCommerce | Cross-Site Scripting (XSS) |
| MC4WP: Mailchimp Top Bar | Cross-Site Scripting (XSS) |
| Mega Elements | Cross-Site Scripting (XSS) |
| Memberful | Cross-Site Scripting (XSS) |
| Mighty Builder | Cross-Site Scripting (XSS) |
| Mitm Bug Tracker | Cross-Site Scripting (XSS) |
| Monitor.chat | Cross-Site Scripting (XSS) |
| Monkee-Boy Essentials | Cross-Site Scripting (XSS) |
| Movie Database | Cross-Site Scripting (XSS) |
| myCred Elementor | Cross-Site Scripting (XSS) |
| My Favorites | Cross-Site Scripting (XSS) |
| my flatonica Theme | Cross-Site Scripting (XSS) |
| Mynx Page Builder | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| my wooden under construction Theme | Cross-Site Scripting (XSS) |
| Namaste! LMS | Cross-Site Scripting (XSS) |
| Namaste! LMS | Cross-Site Scripting (XSS) |
| Namaste! LMS | Cross-Site Scripting (XSS) |
| Newsletters | Cross-Site Scripting (XSS) from newsletters_video Shortcode |
| Nexter Blocks | Cross-Site Scripting (XSS) |
| Ninja Forms | Cross-Site Scripting (XSS) |
| Ninja Forms | Cross-Site Scripting (XSS) |
| Nioland Theme | Cross-Site Scripting (XSS) |
| Omnipress | Cross-Site Scripting (XSS) |
| Optin Hound | Cross-Site Scripting (XSS) from add_query_arg Parameter |
| Paid Member Subscriptions | Cross-Site Scripting (XSS) |
| Parallax Image | Cross-Site Scripting (XSS) from dd-parallax Shortcode |
| Parcel Pro | Cross-Site Scripting (XSS) |
| PDF Generator Addon for Elementor Page Builder | Cross-Site Scripting (XSS) |
| PDF Image Generator | Cross-Site Scripting (XSS) |
| PeproDev Ultimate Invoice | Cross-Site Scripting (XSS) |
| Persian Woocommerce SMS | Cross-Site Scripting (XSS) |
| Photo Gallery by 10Web | Cross-Site Scripting (XSS) |
| Pinpoint Booking System | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Plexx Elementor Extension | Cross-Site Scripting (XSS) |
| Poll Maker | Cross-Site Scripting (XSS) |
| Popularis Extra | Cross-Site Scripting (XSS) |
| Post Grid and Gutenberg Blocks | Cross-Site Scripting (XSS) |
| Post Grid, Post Carousel, & List Category Posts – by Smart Post Show | Cross-Site Scripting (XSS) from Pagination Color |
| Post Status Notifier Lite | Cross-Site Scripting (XSS) from page |
| Post Status Notifier Premium | Cross-Site Scripting (XSS) from page |
| PostX | Cross-Site Scripting (XSS) |
| PostX | Cross-Site Scripting (XSS) |
| PowerPress Podcasting | Cross-Site Scripting (XSS) |
| Premium Addons for Elementor | DOM-Based Cross-Site Scripting (XSS) from Video Box Widget |
| Pricer Ninja | Cross-Site Scripting (XSS) |
| Primary Addon for Elementor | Cross-Site Scripting (XSS) |
| PriPre | Cross-Site Scripting (XSS) |
| Product Customizer Light | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Product Delivery Date for WooCommerce – Lite | Cross-Site Scripting (XSS) |
| Products, Order & Customers Export for WooCommerce | Cross-Site Scripting (XSS) |
| PublishPress Revisions | Cross-Site Scripting (XSS) |
| PWA | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| QS Dark Mode | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Quantity Dynamic Pricing & Bulk Discounts for WooCommerce | Cross-Site Scripting (XSS) |
| RabbitLoader | Cross-Site Scripting (XSS) |
| R Animated Icon | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Raptor Editor | Cross-Site Scripting (XSS) |
| ReDi Restaurant Reservation | Cross-Site Scripting (XSS) |
| Relevanssi | Cross-Site Scripting (XSS) |
| Relogo | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Rescue Shortcodes | Cross-Site Scripting (XSS) from Shortcode |
| Responsive Lightbox | Cross-Site Scripting (XSS) |
| Restaurant Reservations Widget | Cross-Site Scripting (XSS) |
| Re:WP | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Risk Warning Bar | Cross-Site Scripting (XSS) |
| Robo Gallery | Cross-Site Scripting (XSS) |
| Royal Elementor Addons | Cross-Site Scripting (XSS) from Team Member Widget |
| RSS Feed Widget | Cross-Site Scripting (XSS) from rfw-youtube-videos Shortcode |
| RumbleTalk Live Group Chat | Cross-Site Scripting (XSS) |
| Scrollbar by webxapp – Best vertical and horizontal scrollbars plugin | Cross-Site Scripting (XSS) |
| Selection Lite | Cross-Site Scripting (XSS) |
| SendPulse Free Web Push | Unauthenticated Cross-Site Scripting (XSS) |
| SEO Manager | Cross-Site Scripting (XSS) from Post Meta |
| SEOPress | Cross-Site Scripting (XSS) |
| SEUR Oficial | Cross-Site Scripting (XSS) |
| ShiftController Employee Shift Scheduling | Cross-Site Scripting (XSS) |
| Shortcode For Elementor Templates | Cross-Site Scripting (XSS) |
| Shortcodes and extra features for Phlox theme | Cross-Site Scripting (XSS) from Modern Heading and Icon Picker Widgets |
| Shortcodes Ultimate | DOM-Based Cross-Site Scripting (XSS) |
| Shoutcast Icecast HTML5 Radio Player | Cross-Site Scripting (XSS) |
| Simple Baseball Scoreboard | Cross-Site Scripting (XSS) |
| Simple Custom Admin | Cross-Site Scripting (XSS) |
| Simple Load More | Cross-Site Scripting (XSS) |
| Simple News | Cross-Site Scripting (XSS) from news Shortcode |
| Simple Testimonials Showcase | Cross-Site Scripting (XSS) |
| Simply Schedule Appointments | Cross-Site Scripting (XSS) |
| Simply Schedule Appointments | Cross-Site Scripting (XSS) |
| Sirv | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| SKT Blocks – Gutenberg based Page Builder | Cross-Site Scripting (XSS) |
| Sky Addons for Elementor | Cross-Site Scripting (XSS) |
| Slider Revolution | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Slimstat Analytics | Unauthenticated Cross-Site Scripting (XSS) |
| Smart Blocks | Cross-Site Scripting (XSS) |
| Smart Custom 404 Error Page | Cross-Site Scripting (XSS) |
| Smart Online Order for Clover | Cross-Site Scripting (XSS) from moo_receipt_link Shortcode |
| Smart Online Order for Clover | Cross-Site Scripting (XSS) |
| SMS Alert Order Notifications – WooCommerce | Cross-Site Scripting (XSS) from sa_subscribe Shortcode |
| Social Share Buttons | Cross-Site Scripting (XSS) |
| Social Share With Floating Bar | Cross-Site Scripting (XSS) |
| Social Sharing (by Danny) | Cross-Site Scripting (XSS) from Shortcode |
| Stars Testimonials | Cross-Site Scripting (XSS) from stars_testimonials Shortcode |
| StreamWeasels Twitch Integration | Cross-Site Scripting (XSS) from sw-twitch-embed Shortcode |
| StreamWeasels YouTube Integration | Cross-Site Scripting (XSS) from sw-youtube-embed Shortcode |
| Subscribe to Comments | Cross-Site Scripting (XSS) |
| Suki Sites Import | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Survey Maker | Cross-Site Scripting (XSS) |
| Survey Maker | Cross-Site Scripting (XSS) |
| SVG Captcha | Cross-Site Scripting (XSS) |
| SVG Complete | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| SW Kick Integration | Cross-Site Scripting (XSS) from sw-kick-embed Shortcode |
| TablePress | Cross-Site Scripting (XSS) |
| Tainacan | Cross-Site Scripting (XSS) |
| T(-) Countdown | Cross-Site Scripting (XSS) from Shortcode |
| Terms descriptions | Cross-Site Scripting (XSS) |
| Textboxes | Cross-Site Scripting (XSS) |
| ThemeHunk | Cross-Site Scripting (XSS) |
| Themes4WP YouTube External Subtitles | Cross-Site Scripting (XSS) |
| Themesflat Addons For Elementor | Cross-Site Scripting (XSS) |
| Themify Builder | Cross-Site Scripting (XSS) |
| The Ultimate WordPress Toolkit – WP Extended | Cross-Site Scripting (XSS) |
| Tida URL Screenshot | Cross-Site Scripting (XSS) |
| Time Slot | Cross-Site Scripting (XSS) |
| TinyMCE | Cross-Site Scripting (XSS) |
| Tito | Cross-Site Scripting (XSS) |
| Todo Custom Field | Cross-Site Scripting (XSS) |
| Trip Plan | Cross-Site Scripting (XSS) |
| uCAT – Next Story | Cross-Site Scripting (XSS) |
| Ultimate Member | Cross-Site Scripting (XSS) |
| UltraAddons Elementor Lite | Cross-Site Scripting (XSS) |
| Unlimited Addon For Elementor | Cross-Site Scripting (XSS) |
| VKontakte Wall Post | Cross-Site Scripting (XSS) |
| Web Bricks Addons for Elementor | Cross-Site Scripting (XSS) |
| WeChat Subscribers Lite | Cross-Site Scripting (XSS) |
| Whitelist | Cross-Site Scripting (XSS) |
| Widget or Sidebar Shortcode | Cross-Site Scripting (XSS) from Shortcode |
| WooCommerce Maintenance Mode | Cross-Site Scripting (XSS) |
| WooCommerce Multilingual & Multicurrency | Cross-Site Scripting (XSS) |
| WooCommerce – Store Exporter | Cross-Site Scripting (XSS) |
| Woo Manage Fraud Orders | Cross-Site Scripting (XSS) |
| WordPress Meta Data and Taxonomies Filter (MDTF) | Cross-Site Scripting (XSS) |
| WordPress Portfolio Builder – Portfolio Gallery | Cross-Site Scripting (XSS) |
| WordPress Video | Cross-Site Scripting (XSS) |
| WP Abstracts | Cross-Site Scripting (XSS) |
| WP Adminify | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| WPAdverts – Classifieds Plugin | Unauthenticated Cross-Site Scripting (XSS) from adverts_add Shortcode |
| WP Awesome Login | Cross-Site Scripting (XSS) |
| WP Baidu Map | Cross-Site Scripting (XSS) from Shortcode |
| WP Blocks Hub | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| WP Builder | Cross-Site Scripting (XSS) |
| WP Cleanup and Basic Functions | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| WP Crowdfunding | Cross-Site Scripting (XSS) |
| WP Education | Cross-Site Scripting (XSS) |
| WP ERP | Cross-Site Scripting (XSS) |
| WP Flow Plus | Cross-Site Scripting (XSS) |
| WPKoi Templates for Elementor | Cross-Site Scripting (XSS) |
| WP-Members | Cross-Site Scripting (XSS) from wpmem_loginout Shortcode |
| WP-Members | Cross-Site Scripting (XSS) |
| WP Photo Album Plus | Cross-Site Scripting (XSS) |
| wpPricing Builder | Cross-Site Scripting (XSS) |
| WP Recipe Maker | DOM-Based Cross-Site Scripting (XSS) from 'tooltip' |
| WP Search Analytics | Cross-Site Scripting (XSS) |
| WP show more | Cross-Site Scripting (XSS) |
| WP-Spreadplugin | Cross-Site Scripting (XSS) |
| WP Ultimate Post Grid | Cross-Site Scripting (XSS) |
| Wsify Widget | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| XO Slider | Cross-Site Scripting (XSS) |
| YITH WooCommerce Product Add-Ons | Cross-Site Scripting (XSS) |
| YML for Yandex Market | Cross-Site Scripting (XSS) |
| Youzify | Cross-Site Scripting (XSS) |
| Zita Elementor Site Library | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| WordPress Cross-Site Scripting (XSS) reported in 2023: | 2928 |
| WordPress Cross-Site Scripting (XSS) reported in 2024: | 2807 |
MANAGED WP/Woo SECURITY: WP XSS NOV 2024 – WP Cross-Site Scripting
WP XSS OCT 2024: 250 Effortless WP Cross-Site Scripting
WP XSS OCT 2024 – WP Cross-Site Scripting Managed WP/Woo Security Report Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS OCT 2024 is similarly HIGH compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security…
WP XSS SEP 2024: 251 Effortless WP Cross-Site Scripting
WP XSS SEP 2024 – WP Cross-Site Scripting Managed WP/Woo Security Report Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS SEP 2024 is a -11% DECREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP…
WP XSS AUG 2024: 283 Effortless WP Cross-Site Scripting
WP XSS AUG 2024 – WP Cross-Site Scripting Managed WP/Woo Security Report Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS AUG 2024 is a -7% DECREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP…
WP XSS JUL 2024: 304 Effortless WP Cross-Site Scripting
WP XSS JUL 2024 – WP Cross-Site Scripting Managed WP/Woo Security Report Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS JUL 2024 is a +6% INCREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP…
Table of Contents
- WP XSS NOV 2024 - WP Cross-Site Scripting
- Managed WP/Woo Security Report
- Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Scripting Patch Management.
- Today's reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order your WP Cross-Site Scripting Patch Management.
- Get security LIVEPATCH
- Stay informed
- Need managed WP security and got no clue where to start? Hire an expert. Pay a coffee per week or figure it out yourself.
- MANAGED WP/Woo SECURITY: WP XSS NOV 2024 – WP Cross-Site Scripting
- WP XSS OCT 2024: 250 Effortless WP Cross-Site Scripting
- WP XSS SEP 2024: 251 Effortless WP Cross-Site Scripting
- WP XSS AUG 2024: 283 Effortless WP Cross-Site Scripting
- WP XSS JUL 2024: 304 Effortless WP Cross-Site Scripting
