Discover Tuta Mail: Turn ON Privacy. Take back your data with Tuta's encrypted email, calendar and contacts.
Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS APR 2024 is a +197% INCREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed Security.
As these Cross-Site Scripting cases from publicly reported vulnerable plugins are on your domain, it opens Pandora’s box from a security point of view. The following cases made headlines PUBLICLY just last month in the WP XSS APR 2024 & WP Cross-Site Scripting category:
| SpiderFAQ | Cross-Site Scripting (XSS) |
| Add Shortcodes Actions And Filters | Cross-Site Scripting (XSS) |
| AdsPlace'r – Ad Manager, Inserter, AdSense Ads | Cross-Site Scripting (XSS) |
| Advanced Access Manager | Cross-Site Scripting (XSS) |
| Advanced Access Manager | Cross-Site Scripting (XSS) |
| Advanced Form Integration | SQL Injection (SQLi) to Cross-Site Scripting (XSS) via integration_id |
| Advanced Sermons | Cross-Site Scripting (XSS) |
| Advanced Sermons | Cross-Site Scripting (XSS) |
| Advanced Social Feeds Widget & Shortcode | Cross-Site Scripting (XSS) |
| Aesop Story Engine | Cross-Site Scripting (XSS) |
| affiliate-toolkit | Cross-Site Scripting (XSS) |
| AI Engine: ChatGPT Chatbot | Unauthenticated Cross-Site Scripting (XSS) |
| AI Twitter Feeds (Twitter widget & shortcode) | Cross-Site Scripting (XSS) |
| Ajax Load More | Cross-Site Scripting (XSS) |
| All In One Redirection | Cross-Site Scripting (XSS) |
| Amelia | Cross-Site Scripting (XSS) |
| Animated Headline | Cross-Site Scripting (XSS) via Shortcode |
| AntiSpam for Contact Form 7 | Cross-Site Scripting (XSS) |
| Aparat for WordPress | Cross-Site Scripting (XSS) |
| APIExperts Square for WooCommerce | Cross-Site Scripting (XSS) |
| Appointment Calendar | Cross-Site Scripting (XSS) |
| ARMember | Cross-Site Scripting (XSS) |
| Astra Theme | Cross-Site Scripting (XSS) |
| Astra Theme | Cross-Site Scripting (XSS) Through Display Name |
| Automation By Autonami | Cross-Site Scripting (XSS) |
| Avada Theme | Cross-Site Scripting (XSS) via Shortcode |
| B Slider - Slider for your block editor | Cross-Site Scripting (XSS) |
| Barcode Scanner with Inventory & Order Manager | Cross-Site Scripting (XSS) |
| BEAR | Cross-Site Scripting (XSS) |
| Beaver Builder | Cross-Site Scripting (XSS) |
| Beaver Builder | Cross-Site Scripting (XSS) via heading tag |
| Beaver Builder Addons by WPZOOM | Cross-Site Scripting (XSS) |
| Better Elementor Addons | Cross-Site Scripting (XSS) via widget links |
| Better Elementor Addons | Cross-Site Scripting (XSS) |
| Better Search | Cross-Site Scripting (XSS) |
| BetterDocs | Cross-Site Scripting (XSS) via Shortcode |
| BizPrint | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Blocksy Companion | Cross-Site Scripting (XSS) |
| Blocksy Theme | Cross-Site Scripting (XSS) |
| Blue Triad EZAnalytics | Cross-Site Scripting (XSS) via 'bt_webid' |
| Bold Page Builder | Cross-Site Scripting (XSS) |
| Bold Page Builder | Cross-Site Scripting (XSS) |
| Booking Activities | Cross-Site Scripting (XSS) |
| Booster for WooCommerce | Cross-Site Scripting (XSS) |
| Booster for WooCommerce | Cross-Site Scripting (XSS) via Shortocde |
| Breeze | Cross-Site Scripting (XSS) |
| Broken Images | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| BuddyForms | Cross-Site Scripting (XSS) |
| Bulk NoIndex & NoFollow Toolkit | Cross-Site Scripting (XSS) |
| Burst Statistics | Cross-Site Scripting (XSS) via burst_total_pageviews_count |
| Calculated Fields Form | Cross-Site Scripting (XSS) |
| Calculated Fields Form | Unauthenticated Cross-Site Scripting (XSS) |
| Calendarista Basic Edition | Cross-Site Scripting (XSS) |
| Cards for Beaver Builder | Cross-Site Scripting (XSS) via bootstrapcard link |
| Carousel Anything For WPBakery Page Builder | Cross-Site Scripting (XSS) |
| Change default login logo,url and title | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Christmas Greetings | Cross-Site Scripting (XSS) |
| Church Admin | Cross-Site Scripting (XSS) |
| Church Admin | Cross-Site Scripting (XSS) |
| Co-marquage service-public.fr | Cross-Site Scripting (XSS) |
| Co-marquage service-public.fr | Cross-Site Scripting (XSS) |
| CoBlocks | Cross-Site Scripting (XSS) |
| collectchat | Cross-Site Scripting (XSS) |
| ColorMag Theme | Cross-Site Scripting (XSS) via Display Name |
| Comic Easel | Cross-Site Scripting (XSS) |
| Compact WP Audio Player | Cross-Site Scripting (XSS) |
| Contact Form 7 | Cross-Site Scripting (XSS) |
| Contact Form 7 – PayPal & Stripe Add-on | Cross-Site Scripting (XSS) |
| Contact Form 7 Newsletter | Cross-Site Scripting (XSS) |
| Contact Form by BestWebSoft | Cross-Site Scripting (XSS) |
| Contact Form Entries | Cross-Site Scripting (XSS) via shortcode |
| Contact Forms by Cimatti | Cross-Site Scripting (XSS) |
| Contact Forms by Cimatti | Unauthenticated Cross-Site Scripting (XSS) |
| Contest Gallery | Cross-Site Scripting (XSS) |
| Contest Gallery | Cross-Site Scripting (XSS) |
| Contests by Rewards Fuel | Cross-Site Scripting (XSS) via Update (BAC)_rewards_fuel_api_key |
| Contests by Rewards Fuel | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Conversios.io | Cross-Site Scripting (XSS) |
| Convert Post Types | Cross-Site Scripting (XSS) |
| Cornerstone | Cross-Site Scripting (XSS) |
| Coupon Affiliates | Cross-Site Scripting (XSS) |
| Creative Image Slider – Responsive Slider Plugin | Cross-Site Scripting (XSS) |
| Crisp | Cross-Site Scripting (XSS) |
| CRM Perks Forms | Cross-Site Scripting (XSS) |
| Crypto Converter Widget | Cross-Site Scripting (XSS) |
| Custom Field Bulk Editor | Cross-Site Scripting (XSS) |
| Custom WooCommerce Checkout Fields Editor | Cross-Site Scripting (XSS) |
| CWW Companion | Cross-Site Scripting (XSS) |
| Database for Contact Form 7 | Unauthenticated Cross-Site Scripting (XSS) |
| DD Rating | Cross-Site Scripting (XSS) |
| DearFlip | Cross-Site Scripting (XSS) |
| Doneren met Mollie | Cross-Site Scripting (XSS) |
| Download Manager | Cross-Site Scripting (XSS) |
| Dracula Dark Mode - The Revolutionary Dark Mode Plugin For WordPress | Cross-Site Scripting (XSS) |
| Droit Elementor Addons | Cross-Site Scripting (XSS) |
| Dropdown Multisite selector | Cross-Site Scripting (XSS) |
| DX-Watermark | Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) and Cross-Site Scripting (XSS) |
| Easy Accordion | Cross-Site Scripting (XSS) |
| Easy Appointments | Cross-Site Scripting (XSS) |
| Easy Social Feed | Cross-Site Scripting (XSS) |
| Easy Social Feed | Cross-Site Scripting (XSS) via Shortcode |
| Easy Social Share Buttons | Cross-Site Scripting (XSS) |
| Easy Textillate | Cross-Site Scripting (XSS) via Shortcode |
| Easy!Appointments | Cross-Site Scripting (XSS) |
| Element Pack Elementor Addons | Cross-Site Scripting (XSS) |
| ElementInvader Addons for Elementor | Cross-Site Scripting (XSS) |
| Elementor – Header, Footer & Blocks Template | Cross-Site Scripting (XSS) |
| Elementor Addon Elements | Cross-Site Scripting (XSS) |
| Elementor Addon Elements | Cross-Site Scripting (XSS) via 'Text Separator' and 'Image Compare' Widget |
| Elementor Addon Elements | Cross-Site Scripting (XSS) |
| Elementor Pro | Cross-Site Scripting (XSS) |
| Elementor Pro | Cross-Site Scripting (XSS) |
| Elementor Pro | Cross-Site Scripting (XSS) |
| Elementor Pro | Cross-Site Scripting (XSS) |
| Elementor Pro | Cross-Site Scripting (XSS) |
| Elementor Website Builder | Cross-Site Scripting (XSS) |
| Elements kit Elementor addons | Cross-Site Scripting (XSS) via Image Accordion Widget |
| Elements kit Elementor addons | Cross-Site Scripting (XSS) |
| Elements kit Elementor addons | Cross-Site Scripting (XSS) |
| Elements Plus! | Cross-Site Scripting (XSS) via widget links |
| Email Subscribers & Newsletters | Cross-Site Scripting (XSS) |
| Email Subscription Popup | Cross-Site Scripting (XSS) |
| EmbedPress | Cross-Site Scripting (XSS) via Attribute |
| EmbedPress | Cross-Site Scripting (XSS) via Wistia Block |
| EmbedPress | Cross-Site Scripting (XSS) via EmbedPress PDF Widget |
| Essential Addons for Elementor | Cross-Site Scripting (XSS) |
| Essential Addons for Elementor | Cross-Site Scripting (XSS) via Event Calendar |
| Essential Addons for Elementor | Cross-Site Scripting (XSS) via Data Table |
| EventPrime | Cross-Site Scripting (XSS) |
| EventPrime | Unauthenticated Cross-Site Scripting (XSS) |
| Events Manager | Cross-Site Scripting (XSS) |
| Evergreen Content Poster | Cross-Site Scripting (XSS) |
| Exchange Rates Widget | Cross-Site Scripting (XSS) |
| Exclusive Addons Elementor | Cross-Site Scripting (XSS) |
| Exclusive Addons Elementor | Cross-Site Scripting (XSS) |
| Exclusive Addons Elementor | Cross-Site Scripting (XSS) via Call to Action Widget |
| Exclusive Addons Elementor | Cross-Site Scripting (XSS) |
| Exclusive Addons Elementor | Cross-Site Scripting (XSS) via Covid Stats Widget |
| Exclusive Addons Elementor | Cross-Site Scripting (XSS) via Countdown Timer Widget |
| Extensions For CF7 | Unauthenticated Cross-Site Scripting (XSS) |
| Fancy Comments WordPress | Cross-Site Scripting (XSS) |
| Favicon Rotator | Cross-Site Scripting (XSS) |
| Five Star Restaurant Menu | Cross-Site Scripting (XSS) |
| FlatPM | Cross-Site Scripting (XSS) |
| Fluent CRM | Cross-Site Scripting (XSS) |
| FluentForm | Cross-Site Scripting (XSS) |
| Football Pool | Cross-Site Scripting (XSS) |
| Forminator | Cross-Site Scripting (XSS) |
| Free Downloads WooCommerce | Cross-Site Scripting (XSS) |
| Frontend Dashboard | Cross-Site Scripting (XSS) |
| Fullscreen Galleria | Cross-Site Scripting (XSS) |
| Funnel Builder by CartFlows | Cross-Site Scripting (XSS) |
| FV Flowplayer Video Player | Cross-Site Scripting (XSS) |
| FV Flowplayer Video Player | Cross-Site Scripting (XSS) |
| GamiPress | Cross-Site Scripting (XSS) via Shortcode |
| GamiPress – Button | Cross-Site Scripting (XSS) via Shortcode |
| Geo Controller | Cross-Site Scripting (XSS) |
| GetResponse for WordPress | Cross-Site Scripting (XSS) |
| Getwid – Gutenberg Blocks | Cross-Site Scripting (XSS) via Block Content |
| Giveaways and Contests by RafflePress | Unauthenticated Cross-Site Scripting (XSS) |
| GiveWP | Cross-Site Scripting (XSS) |
| GiveWP | Cross-Site Scripting (XSS) |
| Gratisfaction | Cross-Site Scripting (XSS) |
| Grid Shortcodes | Cross-Site Scripting (XSS) |
| GS Pins for Pinterest | Cross-Site Scripting (XSS) |
| GS Testimonial Slider | Cross-Site Scripting (XSS) |
| Gum Elementor Addon | Cross-Site Scripting (XSS) via Post Meta Widget |
| Gutenberg Blocks by Kadence Blocks | Cross-Site Scripting (XSS) via Testimonial Widget |
| Gutenberg Blocks by Kadence Blocks | Cross-Site Scripting (XSS) |
| Hacklog Down As PDF | Cross-Site Scripting (XSS) |
| Happy Addons for Elementor | Cross-Site Scripting (XSS) |
| Happy Addons for Elementor | Cross-Site Scripting (XSS) via Archive Title Widget |
| Happy Addons for Elementor | Cross-Site Scripting (XSS) via Author Meta Widget |
| Hash Elements | Cross-Site Scripting (XSS) |
| Header Image Slider | Cross-Site Scripting (XSS) |
| HeartThis | Cross-Site Scripting (XSS) |
| Hot Random Image | Cross-Site Scripting (XSS) |
| HT Easy GA4 ( Google Analytics 4 ) | Cross-Site Scripting (XSS) |
| HT Mega | Cross-Site Scripting (XSS) |
| HT Mega | Cross-Site Scripting (XSS) via titleTag |
| HT Mega | Cross-Site Scripting (XSS) via Post Carousel Widget |
| HUSKY – Products Filter for WooCommerce (formerly WOOF) | Cross-Site Scripting (XSS) via Shortcode |
| iCalendrier | Cross-Site Scripting (XSS) |
| IDonate – blood request management system | Cross-Site Scripting (XSS) |
| iFlyChat – WordPress Chat | Cross-Site Scripting (XSS) |
| Image Hover Effects – Elementor Addon | Cross-Site Scripting (XSS) |
| Invitation Code Content Restriction Plugin from CreativeMinds | Cross-Site Scripting (XSS) |
| Jeg Elementor Kit | Cross-Site Scripting (XSS) via HTML Tags |
| Jeg Elementor Kit | Cross-Site Scripting (XSS) |
| JetWidgets For Elementor | Cross-Site Scripting (XSS) via Widget Button URL |
| JetWidgets For Elementor | Cross-Site Scripting (XSS) via Animated Box Widget |
| Jobeleon Theme | Cross-Site Scripting (XSS) |
| Jobs for WordPress | Cross-Site Scripting (XSS) |
| Kanban Boards for WordPress | Cross-Site Scripting (XSS) |
| Knight Lab Timeline | Cross-Site Scripting (XSS) via Shortcode |
| LA-Studio Element Kit for Elementor | Cross-Site Scripting (XSS) |
| Landing Page Builder | Cross-Site Scripting (XSS) |
| Lightweight Accordion | Cross-Site Scripting (XSS) via Shortcode |
| Limit Attempts by BestWebSoft | Cross-Site Scripting (XSS) |
| Link Library | Cross-Site Scripting (XSS) |
| Link Library | Cross-Site Scripting (XSS) |
| Link Whisper Free | Cross-Site Scripting (XSS) |
| Livemesh Addons for Elementor | Cross-Site Scripting (XSS) |
| Livemesh Addons for WPBakery Page Builder | Cross-Site Scripting (XSS) |
| Livemesh Addons for WPBakery Page Builder | Cross-Site Scripting (XSS) via Shortcode |
| Locatoraid Store Locator | Cross-Site Scripting (XSS) |
| Lordicon Animated Icons | Cross-Site Scripting (XSS) |
| MailChimp Forms by MailMunch | Cross-Site Scripting (XSS) |
| Mailster | Cross-Site Scripting (XSS) |
| Mang Board WP | Cross-Site Scripting (XSS) |
| Master Addons for Elementor | Cross-Site Scripting (XSS) via Pricing Table Widget |
| Master Addons for Elementor | Cross-Site Scripting (XSS) |
| Master Slider | Cross-Site Scripting (XSS) via slider callback |
| Master Slider | Cross-Site Scripting (XSS) |
| Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more | Cross-Site Scripting (XSS) |
| Media Library Assistant | Cross-Site Scripting (XSS) via mla_gallery Shortcode |
| Memberpress | Cross-Site Scripting (XSS) via message and error |
| Metform Elementor Contact Form Builder | Cross-Site Scripting (XSS) via Shortcode |
| Mighty Classic Pros And Cons | Cross-Site Scripting (XSS) |
| MJM Clinic | Cross-Site Scripting (XSS) |
| MJM Clinic | Cross-Site Scripting (XSS) |
| Modal Window | Cross-Site Scripting (XSS) via Shortcode |
| Molongui | Cross-Site Scripting (XSS) |
| Move Addons for Elementor | Cross-Site Scripting (XSS) |
| Move Addons for Elementor | Cross-Site Scripting (XSS) |
| MP3 Audio Player for Music, Radio & Podcast by Sonaar | Cross-Site Scripting (XSS) |
| MyBookTable Bookstore | Cross-Site Scripting (XSS) |
| MyCurator Content Curation | Cross-Site Scripting (XSS) |
| New RoyalSlider | Cross-Site Scripting (XSS) |
| Newsletter2Go | Cross-Site Scripting (XSS) via style |
| Nextend Facebook Connect | Cross-Site Scripting (XSS) via error_description |
| Ninja Forms | Cross-Site Scripting (XSS) |
| Off-Canvas Sidebars & Menus (Slidebars) | Cross-Site Scripting (XSS) |
| oik | Cross-Site Scripting (XSS) via Shortcode |
| OneClick Chat to Order | Cross-Site Scripting (XSS) |
| OpenID | Cross-Site Scripting (XSS) |
| OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) | Cross-Site Scripting (XSS) |
| Orbit Fox by ThemeIsle | Cross-Site Scripting (XSS) via Registration Form Widget |
| Otter - Gutenberg Block | Cross-Site Scripting (XSS) |
| Otter - Gutenberg Block | Cross-Site Scripting (XSS) |
| Otter Blocks PRO | Cross-Site Scripting (XSS) via File Field CSS |
| Otter Blocks PRO | Unauthenticated Cross-Site Scripting (XSS) via SVG Upload (BAC) |
| OxyExtras | Cross-Site Scripting (XSS) |
| Page Builder by SiteOrigin | Cross-Site Scripting (XSS) via Legacy Image Widget |
| PageLayer | Cross-Site Scripting (XSS) via custom attributes |
| PageLayer | Cross-Site Scripting (XSS) via Custom Attributes |
| pageMash > Page Management | Cross-Site Scripting (XSS) |
| Passwordless Login | Cross-Site Scripting (XSS) |
| PDF Builder for WPForms | Cross-Site Scripting (XSS) |
| PDF Embedder | Cross-Site Scripting (XSS) |
| PDF Viewer for Elementor | Cross-Site Scripting (XSS) |
| Permalink Manager Lite | Cross-Site Scripting (XSS) |
| Permalink Manager Lite | Cross-Site Scripting (XSS) |
| Permalink Manager Pro | Cross-Site Scripting (XSS) |
| Photo Gallery by Ays | Cross-Site Scripting (XSS) |
| Photo Gallery by Supsystic | Cross-Site Scripting (XSS) |
| Piotnet Addons For Elementor | Cross-Site Scripting (XSS) |
| Platinum SEO | Cross-Site Scripting (XSS) |
| Pocket News Generator | Cross-Site Scripting (XSS) |
| Podlove Podcast Publisher | Cross-Site Scripting (XSS) |
| Podlove Web Player | Cross-Site Scripting (XSS) |
| Popup Builder | Cross-Site Scripting (XSS) |
| Popup Maker | Cross-Site Scripting (XSS) |
| Portfolio Gallery – Image Gallery Plugin | Cross-Site Scripting (XSS) |
| Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | Cross-Site Scripting (XSS) |
| Post Grid | Cross-Site Scripting (XSS) |
| Post Grid, Slider & Carousel Ultimate | Cross-Site Scripting (XSS) |
| Post SMTP Mailer/Email Log | Cross-Site Scripting (XSS) |
| Post-Plugin Library | Cross-Site Scripting (XSS) |
| PowerPack Lite for Beaver Builder | Cross-Site Scripting (XSS) via element link |
| Premium Addons for Elementor | Cross-Site Scripting (XSS) |
| Premium Addons for Elementor | Cross-Site Scripting (XSS) |
| Premium Addons PRO | Multiple Cross-Site Scripting (XSS) |
| Premium Packages | Cross-Site Scripting (XSS) |
| Prenotazioni | Cross-Site Scripting (XSS) |
| Preview E-mails for WooCommerce | Cross-Site Scripting (XSS) |
| Prime Slider – Addons For Elementor | Cross-Site Scripting (XSS) |
| Prime Slider – Addons For Elementor | Cross-Site Scripting (XSS) via Rubix Widget |
| Prime Slider – Addons For Elementor | Cross-Site Scripting (XSS) via Mercury Widget |
| Print Page block | Cross-Site Scripting (XSS) |
| Product Feed PRO for WooCommerce | Cross-Site Scripting (XSS) |
| Profile Box Shortcode And Widget | Cross-Site Scripting (XSS) |
| ProfilePress | Cross-Site Scripting (XSS) via Shortcode |
| PropertyHive | Cross-Site Scripting (XSS) |
| Pz-LinkCard | Cross-Site Scripting (XSS) |
| Qi Addons For Elementor | Cross-Site Scripting (XSS) |
| Quiz And Survey Master | Cross-Site Scripting (XSS) |
| Radio Player | Cross-Site Scripting (XSS) |
| Rank Math SEO | Cross-Site Scripting (XSS) via HowTo block attributes |
| Real Media Library Lite | Cross-Site Scripting (XSS) |
| ReDi Restaurant Reservation | Cross-Site Scripting (XSS) |
| RegistrationMagic | Cross-Site Scripting (XSS) |
| Responsive flipbook | Cross-Site Scripting (XSS) |
| Responsive Image Gallery, Gallery Album | Cross-Site Scripting (XSS) |
| Responsive Image Gallery, Gallery Album | Cross-Site Scripting (XSS) |
| Responsive Pricing Table | Cross-Site Scripting (XSS) |
| Restrict User Access – Membership Plugin with Force | Cross-Site Scripting (XSS) |
| ReviewX | Cross-Site Scripting (XSS) |
| Royal Elementor Addons | Cross-Site Scripting (XSS) via Logo Widget |
| Sassy Social Share | Cross-Site Scripting (XSS) via Shortcode |
| Scalable Vector Graphics (SVG) | Cross-Site Scripting (XSS) via SVG |
| Scrollsequence | Cross-Site Scripting (XSS) |
| SEO Backlink Monitor | Cross-Site Scripting (XSS) |
| SEO Plugin by Squirrly SEO | Cross-Site Scripting (XSS) |
| SEO Title Tag | Cross-Site Scripting (XSS) |
| SEOPress | Cross-Site Scripting (XSS) |
| Seriously Simple Podcasting | Cross-Site Scripting (XSS) |
| Shariff Wrapper | Cross-Site Scripting (XSS) |
| Shariff Wrapper | Cross-Site Scripting (XSS) via Shortcode |
| Shariff Wrapper | Cross-Site Scripting (XSS) |
| Shariff Wrapper | Cross-Site Scripting (XSS) |
| Shipping with Venipak for WooCommerce | Cross-Site Scripting (XSS) |
| Shortlinks by Pretty Links | Cross-Site Scripting (XSS) |
| Simple Ajax Chat | Cross-Site Scripting (XSS) |
| Simple Ajax Chat | Unauthenticated Cross-Site Scripting (XSS) |
| Simple Membership | Unauthenticated Cross-Site Scripting (XSS) |
| Simply Schedule Appointments | Cross-Site Scripting (XSS) |
| Simply Static | Cross-Site Scripting (XSS) |
| Sina Extension for Elementor | Cross-Site Scripting (XSS) |
| Site Reviews | Cross-Site Scripting (XSS) |
| Site Reviews | Cross-Site Scripting (XSS) via display name |
| Sitekit | Cross-Site Scripting (XSS) |
| SiteOrigin Widgets Bundle | Cross-Site Scripting (XSS) |
| Sky Addons for Elementor | Cross-Site Scripting (XSS) via Wrapper Link URL |
| Slider by Supsystic | Cross-Site Scripting (XSS) |
| Slider Hero | Cross-Site Scripting (XSS) |
| Smart Online Order for Clover | Cross-Site Scripting (XSS) |
| Social Author Bio | Cross-Site Scripting (XSS) via Cross Site Request Forgery (CSRF) |
| SP Project & Document Manager | Broken Access Control (BAC) to Cross-Site Scripting (XSS) |
| Special Box for Content | Cross-Site Scripting (XSS) |
| Specific Content For Mobile – Customize the mobile version without redirections | Cross-Site Scripting (XSS) |
| Spiffy Calendar | Cross-Site Scripting (XSS) |
| Spin 360 deg and 3D Model Viewer | Cross-Site Scripting (XSS) |
| Sponsors | Cross-Site Scripting (XSS) |
| Stackable – Page Builder Gutenberg Blocks | Cross-Site Scripting (XSS) via Posts Block |
| Standout Color Boxes and Buttons | Cross-Site Scripting (XSS) via Shortcode |
| Starbox | Cross-Site Scripting (XSS) |
| Sticky Anything | Cross-Site Scripting (XSS) |
| Stratum | Cross-Site Scripting (XSS) |
| StreamWeasels Twitch Integration | Cross-Site Scripting (XSS) |
| Sunshine Photo Cart | Cross-Site Scripting (XSS) |
| Super Page Cache for Cloudflare | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| SupportCandy | Cross-Site Scripting (XSS) |
| Survey Maker | Cross-Site Scripting (XSS) |
| Survey Maker | Cross-Site Scripting (XSS) |
| Sydney Toolbox | Cross-Site Scripting (XSS) via _id |
| System Dashboard | Cross-Site Scripting (XSS) via Header Injection |
| Table & Contact Form 7 Database – Tablesome | Cross-Site Scripting (XSS) |
| Tax Rate Upload | Cross-Site Scripting (XSS) |
| Team Members | Cross-Site Scripting (XSS) |
| The Moneytizer | Cross-Site Scripting (XSS) |
| The Plus Addons for Elementor Page Builder Lite | Cross-Site Scripting (XSS) Header Meta Content Widget |
| The Plus Blocks for Block Editor | Gutenberg | Cross-Site Scripting (XSS) |
| Themify Event Post | Cross-Site Scripting (XSS) |
| Themify Shortcodes | Cross-Site Scripting (XSS) |
| Ticket Tailor | Cross-Site Scripting (XSS) |
| Tourfic | Cross-Site Scripting (XSS) |
| Tourfic | Cross-Site Scripting (XSS) |
| Tracking Code Manager | Cross-Site Scripting (XSS) |
| Travelers' Map | Cross-Site Scripting (XSS) |
| Tumult Hype Animations | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Tutor LMS Elementor Addons | Cross-Site Scripting (XSS) |
| Ultimate Bootstrap Elements for Elementor | Cross-Site Scripting (XSS) |
| Ultimate Member | Unauthenticated Cross-Site Scripting (XSS) |
| Ultimate Posts Widget | Cross-Site Scripting (XSS) |
| Ultimate Social Comments – Email Notification & Lazy Load | Cross-Site Scripting (XSS) |
| underConstruction | Cross-Site Scripting (XSS) |
| Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Cross-Site Scripting (XSS) |
| User profile | Cross-Site Scripting (XSS) |
| User Registration | Unauthenticated Cross-Site Scripting (XSS) |
| User Rights Access Manager | Cross-Site Scripting (XSS) |
| UsersWP | Cross-Site Scripting (XSS) via Shortcode |
| UX Flat | Cross-Site Scripting (XSS) via Shortcode |
| Video Conferencing with Zoom | Cross-Site Scripting (XSS) via Shortcode |
| Visual Composer Website Builder | Cross-Site Scripting (XSS) |
| Visual Composer Website Builder | Cross-Site Scripting (XSS) |
| Visualizer | Cross-Site Scripting (XSS) |
| VK All in One Expansion Unit | Cross-Site Scripting (XSS) via className |
| WC Builder | Cross-Site Scripting (XSS) |
| WC Marketplace | Cross-Site Scripting (XSS) |
| WCFM – Frontend Manager for WooCommerce | Cross-Site Scripting (XSS) |
| Web Icons | Cross-Site Scripting (XSS) |
| Web Icons | Cross-Site Scripting (XSS) |
| Webinar and Video Conference with Jitsi Meet | Cross-Site Scripting (XSS) |
| Website Article Monetization By MageNet | Unauthenticated Cross-Site Scripting (XSS) |
| Weekly Class Schedule | Cross-Site Scripting (XSS) |
| weForms | Unauthenticated Cross-Site Scripting (XSS) via Referer |
| Weglot Translate | Cross-Site Scripting (XSS) via Block Attributes |
| WEN Responsive Columns | Cross-Site Scripting (XSS) |
| Widget for Social Page Feeds | Cross-Site Scripting (XSS) |
| WishSuite | Cross-Site Scripting (XSS) |
| Woo Viet | Cross-Site Scripting (XSS) |
| WooCommerce Bookings Calendar | Cross-Site Scripting (XSS) |
| WooCommerce Google Feed Manager | Cross-Site Scripting (XSS) |
| WooCommerce License Manager | Cross-Site Scripting (XSS) |
| WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels | Cross-Site Scripting (XSS) |
| WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels | Unauthenticated Cross-Site Scripting (XSS) |
| Woocommerce Social Media Share Buttons | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WooLentor | Cross-Site Scripting (XSS) via Banner Link |
| WooThumbs for WooCommerce by Iconic | Cross-Site Scripting (XSS) |
| WordPress Importer | Cross-Site Scripting (XSS) |
| WordPress Meta Data and Taxonomies Filter (MDTF) | Cross-Site Scripting (XSS) |
| WordPress Meta Data and Taxonomies Filter (MDTF) | Cross-Site Scripting (XSS) |
| WordPress Meta Data and Taxonomies Filter (MDTF) | Cross-Site Scripting (XSS) |
| WordPress Page Builder – Zion Builder | Cross-Site Scripting (XSS) |
| WP Armour – Honeypot Anti Spam | Cross-Site Scripting (XSS) |
| WP Calameo | Cross-Site Scripting (XSS) |
| WP Change Email Sender | Cross-Site Scripting (XSS) |
| WP Chat App | Cross-Site Scripting (XSS) via Block Attributes |
| WP Coder | Cross-Site Scripting (XSS) |
| WP Directory Kit | Cross-Site Scripting (XSS) |
| WP Editor | Cross-Site Scripting (XSS) |
| WP Fast Total Search | Cross-Site Scripting (XSS) |
| WP Google Maps | Cross-Site Scripting (XSS) |
| WP Google Maps | Cross-Site Scripting (XSS) |
| WP Google Maps | Cross-Site Scripting (XSS) via Shortcode |
| WP Poll Maker | Cross-Site Scripting (XSS) |
| WP Popups | Cross-Site Scripting (XSS) |
| WP Post Disclaimer | Cross-Site Scripting (XSS) |
| WP Recipe Maker | Cross-Site Scripting (XSS) via Video Embed |
| WP Responsive Tabs horizontal vertical and accordion Tabs | Cross-Site Scripting (XSS) |
| WP Statistics | Unauthenticated Cross-Site Scripting (XSS) |
| WP Twitter Mega Fan Box Widget | Cross-Site Scripting (XSS) |
| WP-CRM System | Cross-Site Scripting (XSS) |
| WP-Eggdrop | Cross-Site Scripting (XSS) |
| wp-forecast | Cross-Site Scripting (XSS) |
| WP-Lister Lite for Amazon | Cross-Site Scripting (XSS) |
| WP-Lister Lite for Amazon | Cross-Site Scripting (XSS) |
| WP-Members | Cross-Site Scripting (XSS) via Shortcode |
| wp-mpdf | Cross-Site Scripting (XSS) |
| WPFront Notification Bar | Cross-Site Scripting (XSS) |
| WPFunnels | Cross-Site Scripting (XSS) |
| WPKoi Templates for Elementor | Cross-Site Scripting (XSS) via Advanced Heading Widget |
| Xpro Elementor Addons | Cross-Site Scripting (XSS) |
| YITH WooCommerce Product Add-Ons | Cross-Site Scripting (XSS) |
| Yoo Slider | Cross-Site Scripting (XSS) |
| Youzify Buddypress Moderation | Unauthenticated Cross-Site Scripting (XSS) |
| WordPress Cross-Site Scripting (XSS) reported in 2023: | 2928 |
| WordPress Cross-Site Scripting (XSS) reported in 2024: | 710 |
How wonderful would be to simply let others take care of your chores? We absolutely understand why you would want that. This is why we propose this unique campaign: the price of a premium cup of coffee per week, for your first managed service.
Start simply by contacting us with your selections:
We care about the protection of your personal data. Update, subscribe or unsubscribe anytime. Read our Privacy Policy.