WP XSS APR 2024: 437 Effortless WP Cross-Site Scripting

Sponsored by:

Discover managed ACQUISITION metrics for WordPress, WooCommerce, Shopify, SaaS. Managed for you on your domain, inside your hosting account, in your country. With a good managed monitoring strategy in place, you'll gain greater transparency & visibility into your operations with a timely alerting system.

Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS APR 2024 is a +197% INCREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed Security.

Contact your online project manager:

Order managed services

Fast forward 2-3 years: your business is on autopilot, yet you are in control. Your 3rd party integrations still work, your partners and your customers are happy.

There hasn’t been a crisis or “online emergency” in ages, and all your reports are OK and green. Whimsical? The future is already here. Step into your future today.

WP XSS APR 2024

As these Cross-Site Scripting cases from publicly reported vulnerable plugins are on your domain, it opens Pandora’s box from a security point of view. The following cases made headlines PUBLICLY just last month in the WP XSS APR 2024 & WP Cross-Site Scripting category:

SpiderFAQ Cross-Site Scripting (XSS)
Add Shortcodes Actions And Filters Cross-Site Scripting (XSS)
AdsPlace'r – Ad Manager, Inserter, AdSense Ads Cross-Site Scripting (XSS)
Advanced Access Manager Cross-Site Scripting (XSS)
Advanced Access Manager Cross-Site Scripting (XSS)
Advanced Form Integration SQL Injection (SQLi) to Cross-Site Scripting (XSS) via integration_id
Advanced Sermons Cross-Site Scripting (XSS)
Advanced Sermons Cross-Site Scripting (XSS)
Advanced Social Feeds Widget & Shortcode Cross-Site Scripting (XSS)
Aesop Story Engine Cross-Site Scripting (XSS)
affiliate-toolkit Cross-Site Scripting (XSS)
AI Engine: ChatGPT Chatbot Unauthenticated Cross-Site Scripting (XSS)
AI Twitter Feeds (Twitter widget & shortcode) Cross-Site Scripting (XSS)
Ajax Load More Cross-Site Scripting (XSS)
All In One Redirection Cross-Site Scripting (XSS)
Amelia Cross-Site Scripting (XSS)
Animated Headline Cross-Site Scripting (XSS) via Shortcode
AntiSpam for Contact Form 7 Cross-Site Scripting (XSS)
Aparat for WordPress Cross-Site Scripting (XSS)
APIExperts Square for WooCommerce Cross-Site Scripting (XSS)
Appointment Calendar Cross-Site Scripting (XSS)
ARMember Cross-Site Scripting (XSS)
Astra Theme Cross-Site Scripting (XSS)
Astra Theme Cross-Site Scripting (XSS) Through Display Name
Automation By Autonami Cross-Site Scripting (XSS)
Avada Theme Cross-Site Scripting (XSS) via Shortcode
B Slider - Slider for your block editor Cross-Site Scripting (XSS)
Barcode Scanner with Inventory & Order Manager Cross-Site Scripting (XSS)
BEAR Cross-Site Scripting (XSS)
Beaver Builder Cross-Site Scripting (XSS)
Beaver Builder Cross-Site Scripting (XSS) via heading tag
Beaver Builder Addons by WPZOOM Cross-Site Scripting (XSS)
Better Elementor Addons Cross-Site Scripting (XSS) via widget links
Better Elementor Addons Cross-Site Scripting (XSS)
Better Search Cross-Site Scripting (XSS)
BetterDocs Cross-Site Scripting (XSS) via Shortcode
BizPrint Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Blocksy Companion Cross-Site Scripting (XSS)
Blocksy Theme Cross-Site Scripting (XSS)
Blue Triad EZAnalytics Cross-Site Scripting (XSS) via 'bt_webid'
Bold Page Builder Cross-Site Scripting (XSS)
Bold Page Builder Cross-Site Scripting (XSS)
Booking Activities Cross-Site Scripting (XSS)
Booster for WooCommerce Cross-Site Scripting (XSS)
Booster for WooCommerce Cross-Site Scripting (XSS) via Shortocde
Breeze Cross-Site Scripting (XSS)
Broken Images Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
BuddyForms Cross-Site Scripting (XSS)
Bulk NoIndex & NoFollow Toolkit Cross-Site Scripting (XSS)
Burst Statistics Cross-Site Scripting (XSS) via burst_total_pageviews_count
Calculated Fields Form Cross-Site Scripting (XSS)
Calculated Fields Form Unauthenticated Cross-Site Scripting (XSS)
Calendarista Basic Edition Cross-Site Scripting (XSS)
Cards for Beaver Builder Cross-Site Scripting (XSS) via bootstrapcard link
Carousel Anything For WPBakery Page Builder Cross-Site Scripting (XSS)
Change default login logo,url and title Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Christmas Greetings Cross-Site Scripting (XSS)
Church Admin Cross-Site Scripting (XSS)
Church Admin Cross-Site Scripting (XSS)
Co-marquage service-public.fr Cross-Site Scripting (XSS)
Co-marquage service-public.fr Cross-Site Scripting (XSS)
CoBlocks Cross-Site Scripting (XSS)
collectchat Cross-Site Scripting (XSS)
ColorMag Theme Cross-Site Scripting (XSS) via Display Name
Comic Easel Cross-Site Scripting (XSS)
Compact WP Audio Player Cross-Site Scripting (XSS)
Contact Form 7 Cross-Site Scripting (XSS)
Contact Form 7 – PayPal & Stripe Add-on Cross-Site Scripting (XSS)
Contact Form 7 Newsletter Cross-Site Scripting (XSS)
Contact Form by BestWebSoft Cross-Site Scripting (XSS)
Contact Form Entries Cross-Site Scripting (XSS) via shortcode
Contact Forms by Cimatti Cross-Site Scripting (XSS)
Contact Forms by Cimatti Unauthenticated Cross-Site Scripting (XSS)
Contest Gallery Cross-Site Scripting (XSS)
Contest Gallery Cross-Site Scripting (XSS)
Contests by Rewards Fuel Cross-Site Scripting (XSS) via Update (BAC)_rewards_fuel_api_key
Contests by Rewards Fuel Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Conversios.io Cross-Site Scripting (XSS)
Convert Post Types Cross-Site Scripting (XSS)
Cornerstone Cross-Site Scripting (XSS)
Coupon Affiliates Cross-Site Scripting (XSS)
Creative Image Slider – Responsive Slider Plugin Cross-Site Scripting (XSS)
Crisp Cross-Site Scripting (XSS)
CRM Perks Forms Cross-Site Scripting (XSS)
Crypto Converter Widget Cross-Site Scripting (XSS)
Custom Field Bulk Editor Cross-Site Scripting (XSS)
Custom WooCommerce Checkout Fields Editor Cross-Site Scripting (XSS)
CWW Companion Cross-Site Scripting (XSS)
Database for Contact Form 7 Unauthenticated Cross-Site Scripting (XSS)
DD Rating Cross-Site Scripting (XSS)
DearFlip Cross-Site Scripting (XSS)
Doneren met Mollie Cross-Site Scripting (XSS)
Download Manager Cross-Site Scripting (XSS)
Dracula Dark Mode - The Revolutionary Dark Mode Plugin For WordPress Cross-Site Scripting (XSS)
Droit Elementor Addons Cross-Site Scripting (XSS)
Dropdown Multisite selector Cross-Site Scripting (XSS)
DX-Watermark Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) and Cross-Site Scripting (XSS)
Easy Accordion Cross-Site Scripting (XSS)
Easy Appointments Cross-Site Scripting (XSS)
Easy Social Feed Cross-Site Scripting (XSS)
Easy Social Feed Cross-Site Scripting (XSS) via Shortcode
Easy Social Share Buttons Cross-Site Scripting (XSS)
Easy Textillate Cross-Site Scripting (XSS) via Shortcode
Easy!Appointments Cross-Site Scripting (XSS)
Element Pack Elementor Addons Cross-Site Scripting (XSS)
ElementInvader Addons for Elementor Cross-Site Scripting (XSS)
Elementor – Header, Footer & Blocks Template Cross-Site Scripting (XSS)
Elementor Addon Elements Cross-Site Scripting (XSS)
Elementor Addon Elements Cross-Site Scripting (XSS) via 'Text Separator' and 'Image Compare' Widget
Elementor Addon Elements Cross-Site Scripting (XSS)
Elementor Pro Cross-Site Scripting (XSS)
Elementor Pro Cross-Site Scripting (XSS)
Elementor Pro Cross-Site Scripting (XSS)
Elementor Pro Cross-Site Scripting (XSS)
Elementor Pro Cross-Site Scripting (XSS)
Elementor Website Builder Cross-Site Scripting (XSS)
Elements kit Elementor addons Cross-Site Scripting (XSS) via Image Accordion Widget
Elements kit Elementor addons Cross-Site Scripting (XSS)
Elements kit Elementor addons Cross-Site Scripting (XSS)
Elements Plus! Cross-Site Scripting (XSS) via widget links
Email Subscribers & Newsletters Cross-Site Scripting (XSS)
Email Subscription Popup Cross-Site Scripting (XSS)
EmbedPress Cross-Site Scripting (XSS) via Attribute
EmbedPress Cross-Site Scripting (XSS) via Wistia Block
EmbedPress Cross-Site Scripting (XSS) via EmbedPress PDF Widget
Essential Addons for Elementor Cross-Site Scripting (XSS)
Essential Addons for Elementor Cross-Site Scripting (XSS) via Event Calendar
Essential Addons for Elementor Cross-Site Scripting (XSS) via Data Table
EventPrime Cross-Site Scripting (XSS)
EventPrime Unauthenticated Cross-Site Scripting (XSS)
Events Manager Cross-Site Scripting (XSS)
Evergreen Content Poster Cross-Site Scripting (XSS)
Exchange Rates Widget Cross-Site Scripting (XSS)
Exclusive Addons Elementor Cross-Site Scripting (XSS)
Exclusive Addons Elementor Cross-Site Scripting (XSS)
Exclusive Addons Elementor Cross-Site Scripting (XSS) via Call to Action Widget
Exclusive Addons Elementor Cross-Site Scripting (XSS)
Exclusive Addons Elementor Cross-Site Scripting (XSS) via Covid Stats Widget
Exclusive Addons Elementor Cross-Site Scripting (XSS) via Countdown Timer Widget
Extensions For CF7 Unauthenticated Cross-Site Scripting (XSS)
Fancy Comments WordPress Cross-Site Scripting (XSS)
Favicon Rotator Cross-Site Scripting (XSS)
Five Star Restaurant Menu Cross-Site Scripting (XSS)
FlatPM Cross-Site Scripting (XSS)
Fluent CRM Cross-Site Scripting (XSS)
FluentForm Cross-Site Scripting (XSS)
Football Pool Cross-Site Scripting (XSS)
Forminator Cross-Site Scripting (XSS)
Free Downloads WooCommerce Cross-Site Scripting (XSS)
Frontend Dashboard Cross-Site Scripting (XSS)
Fullscreen Galleria Cross-Site Scripting (XSS)
Funnel Builder by CartFlows Cross-Site Scripting (XSS)
FV Flowplayer Video Player Cross-Site Scripting (XSS)
FV Flowplayer Video Player Cross-Site Scripting (XSS)
GamiPress Cross-Site Scripting (XSS) via Shortcode
GamiPress – Button Cross-Site Scripting (XSS) via Shortcode
Geo Controller Cross-Site Scripting (XSS)
GetResponse for WordPress Cross-Site Scripting (XSS)
Getwid – Gutenberg Blocks Cross-Site Scripting (XSS) via Block Content
Giveaways and Contests by RafflePress Unauthenticated Cross-Site Scripting (XSS)
GiveWP Cross-Site Scripting (XSS)
GiveWP Cross-Site Scripting (XSS)
Gratisfaction Cross-Site Scripting (XSS)
Grid Shortcodes Cross-Site Scripting (XSS)
GS Pins for Pinterest Cross-Site Scripting (XSS)
GS Testimonial Slider Cross-Site Scripting (XSS)
Gum Elementor Addon Cross-Site Scripting (XSS) via Post Meta Widget
Gutenberg Blocks by Kadence Blocks Cross-Site Scripting (XSS) via Testimonial Widget
Gutenberg Blocks by Kadence Blocks Cross-Site Scripting (XSS)
Hacklog Down As PDF Cross-Site Scripting (XSS)
Happy Addons for Elementor Cross-Site Scripting (XSS)
Happy Addons for Elementor Cross-Site Scripting (XSS) via Archive Title Widget
Happy Addons for Elementor Cross-Site Scripting (XSS) via Author Meta Widget
Hash Elements Cross-Site Scripting (XSS)
Header Image Slider Cross-Site Scripting (XSS)
HeartThis Cross-Site Scripting (XSS)
Hot Random Image Cross-Site Scripting (XSS)
HT Easy GA4 ( Google Analytics 4 ) Cross-Site Scripting (XSS)
HT Mega Cross-Site Scripting (XSS)
HT Mega Cross-Site Scripting (XSS) via titleTag
HT Mega Cross-Site Scripting (XSS) via Post Carousel Widget
HUSKY – Products Filter for WooCommerce (formerly WOOF) Cross-Site Scripting (XSS) via Shortcode
iCalendrier Cross-Site Scripting (XSS)
IDonate – blood request management system Cross-Site Scripting (XSS)
iFlyChat – WordPress Chat Cross-Site Scripting (XSS)
Image Hover Effects – Elementor Addon Cross-Site Scripting (XSS)
Invitation Code Content Restriction Plugin from CreativeMinds Cross-Site Scripting (XSS)
Jeg Elementor Kit Cross-Site Scripting (XSS) via HTML Tags
Jeg Elementor Kit Cross-Site Scripting (XSS)
JetWidgets For Elementor Cross-Site Scripting (XSS) via Widget Button URL
JetWidgets For Elementor Cross-Site Scripting (XSS) via Animated Box Widget
Jobeleon Theme Cross-Site Scripting (XSS)
Jobs for WordPress Cross-Site Scripting (XSS)
Kanban Boards for WordPress Cross-Site Scripting (XSS)
Knight Lab Timeline Cross-Site Scripting (XSS) via Shortcode
LA-Studio Element Kit for Elementor Cross-Site Scripting (XSS)
Landing Page Builder Cross-Site Scripting (XSS)
Lightweight Accordion Cross-Site Scripting (XSS) via Shortcode
Limit Attempts by BestWebSoft Cross-Site Scripting (XSS)
Link Library Cross-Site Scripting (XSS)
Link Library Cross-Site Scripting (XSS)
Link Whisper Free Cross-Site Scripting (XSS)
Livemesh Addons for Elementor Cross-Site Scripting (XSS)
Livemesh Addons for WPBakery Page Builder Cross-Site Scripting (XSS)
Livemesh Addons for WPBakery Page Builder Cross-Site Scripting (XSS) via Shortcode
Locatoraid Store Locator Cross-Site Scripting (XSS)
Lordicon Animated Icons Cross-Site Scripting (XSS)
MailChimp Forms by MailMunch Cross-Site Scripting (XSS)
Mailster Cross-Site Scripting (XSS)
Mang Board WP Cross-Site Scripting (XSS)
Master Addons for Elementor Cross-Site Scripting (XSS) via Pricing Table Widget
Master Addons for Elementor Cross-Site Scripting (XSS)
Master Slider Cross-Site Scripting (XSS) via slider callback
Master Slider Cross-Site Scripting (XSS)
Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more Cross-Site Scripting (XSS)
Media Library Assistant Cross-Site Scripting (XSS) via mla_gallery Shortcode
Memberpress Cross-Site Scripting (XSS) via message and error
Metform Elementor Contact Form Builder Cross-Site Scripting (XSS) via Shortcode
Mighty Classic Pros And Cons Cross-Site Scripting (XSS)
MJM Clinic Cross-Site Scripting (XSS)
MJM Clinic Cross-Site Scripting (XSS)
Modal Window Cross-Site Scripting (XSS) via Shortcode
Molongui Cross-Site Scripting (XSS)
Move Addons for Elementor Cross-Site Scripting (XSS)
Move Addons for Elementor Cross-Site Scripting (XSS)
MP3 Audio Player for Music, Radio & Podcast by Sonaar Cross-Site Scripting (XSS)
MyBookTable Bookstore Cross-Site Scripting (XSS)
MyCurator Content Curation Cross-Site Scripting (XSS)
New RoyalSlider Cross-Site Scripting (XSS)
Newsletter2Go Cross-Site Scripting (XSS) via style
Nextend Facebook Connect Cross-Site Scripting (XSS) via error_description
Ninja Forms Cross-Site Scripting (XSS)
Off-Canvas Sidebars & Menus (Slidebars) Cross-Site Scripting (XSS)
oik Cross-Site Scripting (XSS) via Shortcode
OneClick Chat to Order Cross-Site Scripting (XSS)
OpenID Cross-Site Scripting (XSS)
OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) Cross-Site Scripting (XSS)
Orbit Fox by ThemeIsle Cross-Site Scripting (XSS) via Registration Form Widget
Otter - Gutenberg Block Cross-Site Scripting (XSS)
Otter - Gutenberg Block Cross-Site Scripting (XSS)
Otter Blocks PRO Cross-Site Scripting (XSS) via File Field CSS
Otter Blocks PRO Unauthenticated Cross-Site Scripting (XSS) via SVG Upload (BAC)
OxyExtras Cross-Site Scripting (XSS)
Page Builder by SiteOrigin Cross-Site Scripting (XSS) via Legacy Image Widget
PageLayer Cross-Site Scripting (XSS) via custom attributes
PageLayer Cross-Site Scripting (XSS) via Custom Attributes
pageMash > Page Management Cross-Site Scripting (XSS)
Passwordless Login Cross-Site Scripting (XSS)
PDF Builder for WPForms Cross-Site Scripting (XSS)
PDF Embedder Cross-Site Scripting (XSS)
PDF Viewer for Elementor Cross-Site Scripting (XSS)
Permalink Manager Lite Cross-Site Scripting (XSS)
Permalink Manager Lite Cross-Site Scripting (XSS)
Permalink Manager Pro Cross-Site Scripting (XSS)
Photo Gallery by Ays Cross-Site Scripting (XSS)
Photo Gallery by Supsystic Cross-Site Scripting (XSS)
Piotnet Addons For Elementor Cross-Site Scripting (XSS)
Platinum SEO Cross-Site Scripting (XSS)
Pocket News Generator Cross-Site Scripting (XSS)
Podlove Podcast Publisher Cross-Site Scripting (XSS)
Podlove Web Player Cross-Site Scripting (XSS)
Popup Builder Cross-Site Scripting (XSS)
Popup Maker Cross-Site Scripting (XSS)
Portfolio Gallery – Image Gallery Plugin Cross-Site Scripting (XSS)
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor Cross-Site Scripting (XSS)
Post Grid Cross-Site Scripting (XSS)
Post Grid, Slider & Carousel Ultimate Cross-Site Scripting (XSS)
Post SMTP Mailer/Email Log Cross-Site Scripting (XSS)
Post-Plugin Library Cross-Site Scripting (XSS)
PowerPack Lite for Beaver Builder Cross-Site Scripting (XSS) via element link
Premium Addons for Elementor Cross-Site Scripting (XSS)
Premium Addons for Elementor Cross-Site Scripting (XSS)
Premium Addons PRO Multiple Cross-Site Scripting (XSS)
Premium Packages Cross-Site Scripting (XSS)
Prenotazioni Cross-Site Scripting (XSS)
Preview E-mails for WooCommerce Cross-Site Scripting (XSS)
Prime Slider – Addons For Elementor Cross-Site Scripting (XSS)
Prime Slider – Addons For Elementor Cross-Site Scripting (XSS) via Rubix Widget
Prime Slider – Addons For Elementor Cross-Site Scripting (XSS) via Mercury Widget
Print Page block Cross-Site Scripting (XSS)
Product Feed PRO for WooCommerce Cross-Site Scripting (XSS)
Profile Box Shortcode And Widget Cross-Site Scripting (XSS)
ProfilePress Cross-Site Scripting (XSS) via Shortcode
PropertyHive Cross-Site Scripting (XSS)
Pz-LinkCard Cross-Site Scripting (XSS)
Qi Addons For Elementor Cross-Site Scripting (XSS)
Quiz And Survey Master Cross-Site Scripting (XSS)
Radio Player Cross-Site Scripting (XSS)
Rank Math SEO Cross-Site Scripting (XSS) via HowTo block attributes
Real Media Library Lite Cross-Site Scripting (XSS)
ReDi Restaurant Reservation Cross-Site Scripting (XSS)
RegistrationMagic Cross-Site Scripting (XSS)
Responsive flipbook Cross-Site Scripting (XSS)
Responsive Image Gallery, Gallery Album Cross-Site Scripting (XSS)
Responsive Image Gallery, Gallery Album Cross-Site Scripting (XSS)
Responsive Pricing Table Cross-Site Scripting (XSS)
Restrict User Access – Membership Plugin with Force Cross-Site Scripting (XSS)
ReviewX Cross-Site Scripting (XSS)
Royal Elementor Addons Cross-Site Scripting (XSS) via Logo Widget
Sassy Social Share Cross-Site Scripting (XSS) via Shortcode
Scalable Vector Graphics (SVG) Cross-Site Scripting (XSS) via SVG
Scrollsequence Cross-Site Scripting (XSS)
SEO Backlink Monitor Cross-Site Scripting (XSS)
SEO Plugin by Squirrly SEO Cross-Site Scripting (XSS)
SEO Title Tag Cross-Site Scripting (XSS)
SEOPress Cross-Site Scripting (XSS)
Seriously Simple Podcasting Cross-Site Scripting (XSS)
Shariff Wrapper Cross-Site Scripting (XSS)
Shariff Wrapper Cross-Site Scripting (XSS) via Shortcode
Shariff Wrapper Cross-Site Scripting (XSS)
Shariff Wrapper Cross-Site Scripting (XSS)
Shipping with Venipak for WooCommerce Cross-Site Scripting (XSS)
Shortlinks by Pretty Links Cross-Site Scripting (XSS)
Simple Ajax Chat Cross-Site Scripting (XSS)
Simple Ajax Chat Unauthenticated Cross-Site Scripting (XSS)
Simple Membership Unauthenticated Cross-Site Scripting (XSS)
Simply Schedule Appointments Cross-Site Scripting (XSS)
Simply Static Cross-Site Scripting (XSS)
Sina Extension for Elementor Cross-Site Scripting (XSS)
Site Reviews Cross-Site Scripting (XSS)
Site Reviews Cross-Site Scripting (XSS) via display name
Sitekit Cross-Site Scripting (XSS)
SiteOrigin Widgets Bundle Cross-Site Scripting (XSS)
Sky Addons for Elementor Cross-Site Scripting (XSS) via Wrapper Link URL
Slider by Supsystic Cross-Site Scripting (XSS)
Slider Hero Cross-Site Scripting (XSS)
Smart Online Order for Clover Cross-Site Scripting (XSS)
Social Author Bio Cross-Site Scripting (XSS) via Cross Site Request Forgery (CSRF)
SP Project & Document Manager Broken Access Control (BAC) to Cross-Site Scripting (XSS)
Special Box for Content Cross-Site Scripting (XSS)
Specific Content For Mobile – Customize the mobile version without redirections Cross-Site Scripting (XSS)
Spiffy Calendar Cross-Site Scripting (XSS)
Spin 360 deg and 3D Model Viewer Cross-Site Scripting (XSS)
Sponsors Cross-Site Scripting (XSS)
Stackable – Page Builder Gutenberg Blocks Cross-Site Scripting (XSS) via Posts Block
Standout Color Boxes and Buttons Cross-Site Scripting (XSS) via Shortcode
Starbox Cross-Site Scripting (XSS)
Sticky Anything Cross-Site Scripting (XSS)
Stratum Cross-Site Scripting (XSS)
StreamWeasels Twitch Integration Cross-Site Scripting (XSS)
Sunshine Photo Cart Cross-Site Scripting (XSS)
Super Page Cache for Cloudflare Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
SupportCandy Cross-Site Scripting (XSS)
Survey Maker Cross-Site Scripting (XSS)
Survey Maker Cross-Site Scripting (XSS)
Sydney Toolbox Cross-Site Scripting (XSS) via _id
System Dashboard Cross-Site Scripting (XSS) via Header Injection
Table & Contact Form 7 Database – Tablesome Cross-Site Scripting (XSS)
Tax Rate Upload Cross-Site Scripting (XSS)
Team Members Cross-Site Scripting (XSS)
The Moneytizer Cross-Site Scripting (XSS)
The Plus Addons for Elementor Page Builder Lite Cross-Site Scripting (XSS) Header Meta Content Widget
The Plus Blocks for Block Editor | Gutenberg Cross-Site Scripting (XSS)
Themify Event Post Cross-Site Scripting (XSS)
Themify Shortcodes Cross-Site Scripting (XSS)
Ticket Tailor Cross-Site Scripting (XSS)
Tourfic Cross-Site Scripting (XSS)
Tourfic Cross-Site Scripting (XSS)
Tracking Code Manager Cross-Site Scripting (XSS)
Travelers' Map Cross-Site Scripting (XSS)
Tumult Hype Animations Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Tutor LMS Elementor Addons Cross-Site Scripting (XSS)
Ultimate Bootstrap Elements for Elementor Cross-Site Scripting (XSS)
Ultimate Member Unauthenticated Cross-Site Scripting (XSS)
Ultimate Posts Widget Cross-Site Scripting (XSS)
Ultimate Social Comments – Email Notification & Lazy Load Cross-Site Scripting (XSS)
underConstruction Cross-Site Scripting (XSS)
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Cross-Site Scripting (XSS)
User profile Cross-Site Scripting (XSS)
User Registration Unauthenticated Cross-Site Scripting (XSS)
User Rights Access Manager Cross-Site Scripting (XSS)
UsersWP Cross-Site Scripting (XSS) via Shortcode
UX Flat Cross-Site Scripting (XSS) via Shortcode
Video Conferencing with Zoom Cross-Site Scripting (XSS) via Shortcode
Visual Composer Website Builder Cross-Site Scripting (XSS)
Visual Composer Website Builder Cross-Site Scripting (XSS)
Visualizer Cross-Site Scripting (XSS)
VK All in One Expansion Unit Cross-Site Scripting (XSS) via className
WC Builder Cross-Site Scripting (XSS)
WC Marketplace Cross-Site Scripting (XSS)
WCFM – Frontend Manager for WooCommerce Cross-Site Scripting (XSS)
Web Icons Cross-Site Scripting (XSS)
Web Icons Cross-Site Scripting (XSS)
Webinar and Video Conference with Jitsi Meet Cross-Site Scripting (XSS)
Website Article Monetization By MageNet Unauthenticated Cross-Site Scripting (XSS)
Weekly Class Schedule Cross-Site Scripting (XSS)
weForms Unauthenticated Cross-Site Scripting (XSS) via Referer
Weglot Translate Cross-Site Scripting (XSS) via Block Attributes
WEN Responsive Columns Cross-Site Scripting (XSS)
Widget for Social Page Feeds Cross-Site Scripting (XSS)
WishSuite Cross-Site Scripting (XSS)
Woo Viet Cross-Site Scripting (XSS)
WooCommerce Bookings Calendar Cross-Site Scripting (XSS)
WooCommerce Google Feed Manager Cross-Site Scripting (XSS)
WooCommerce License Manager Cross-Site Scripting (XSS)
WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Cross-Site Scripting (XSS)
WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Unauthenticated Cross-Site Scripting (XSS)
Woocommerce Social Media Share Buttons Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
WooLentor Cross-Site Scripting (XSS) via Banner Link
WooThumbs for WooCommerce by Iconic Cross-Site Scripting (XSS)
WordPress Importer Cross-Site Scripting (XSS)
WordPress Meta Data and Taxonomies Filter (MDTF) Cross-Site Scripting (XSS)
WordPress Meta Data and Taxonomies Filter (MDTF) Cross-Site Scripting (XSS)
WordPress Meta Data and Taxonomies Filter (MDTF) Cross-Site Scripting (XSS)
WordPress Page Builder – Zion Builder Cross-Site Scripting (XSS)
WP Armour – Honeypot Anti Spam Cross-Site Scripting (XSS)
WP Calameo Cross-Site Scripting (XSS)
WP Change Email Sender Cross-Site Scripting (XSS)
WP Chat App Cross-Site Scripting (XSS) via Block Attributes
WP Coder Cross-Site Scripting (XSS)
WP Directory Kit Cross-Site Scripting (XSS)
WP Editor Cross-Site Scripting (XSS)
WP Fast Total Search Cross-Site Scripting (XSS)
WP Google Maps Cross-Site Scripting (XSS)
WP Google Maps Cross-Site Scripting (XSS)
WP Google Maps Cross-Site Scripting (XSS) via Shortcode
WP Poll Maker Cross-Site Scripting (XSS)
WP Popups Cross-Site Scripting (XSS)
WP Post Disclaimer Cross-Site Scripting (XSS)
WP Recipe Maker Cross-Site Scripting (XSS) via Video Embed
WP Responsive Tabs horizontal vertical and accordion Tabs Cross-Site Scripting (XSS)
WP Statistics Unauthenticated Cross-Site Scripting (XSS)
WP Twitter Mega Fan Box Widget Cross-Site Scripting (XSS)
WP-CRM System Cross-Site Scripting (XSS)
WP-Eggdrop Cross-Site Scripting (XSS)
wp-forecast Cross-Site Scripting (XSS)
WP-Lister Lite for Amazon Cross-Site Scripting (XSS)
WP-Lister Lite for Amazon Cross-Site Scripting (XSS)
WP-Members Cross-Site Scripting (XSS) via Shortcode
wp-mpdf Cross-Site Scripting (XSS)
WPFront Notification Bar Cross-Site Scripting (XSS)
WPFunnels Cross-Site Scripting (XSS)
WPKoi Templates for Elementor Cross-Site Scripting (XSS) via Advanced Heading Widget
Xpro Elementor Addons Cross-Site Scripting (XSS)
YITH WooCommerce Product Add-Ons Cross-Site Scripting (XSS)
Yoo Slider Cross-Site Scripting (XSS)
Youzify Buddypress Moderation Unauthenticated Cross-Site Scripting (XSS)
WordPress Cross-Site Scripting (XSS) reported in 2023: 2928
WordPress Cross-Site Scripting (XSS) reported in 2024: 710
Contact your online project manager:

Get managed security

Fast forward 2-3 years: your business is on autopilot, yet you are in control. Your website is humming along, leads & customers are rolling in.

There hasn’t been a crisis or “website emergency” in ages, and all your charts are pointing up and to the right. Whimsical? The future is already here. Step into your future today.

Table Of Contents


A cup of coffee makes a difference ...

How wonderful would be to simply let others take care of your chores? We absolutely understand why you would want that. This is why we propose this unique campaign: the price of a premium cup of coffee per week, for your first managed service.
Start simply by contacting us with your selections:

ultrai.ae managed online © 2023 - 2024 – All rights reserved
We’re on an empowering mission for customers, who desire not to be transformed forcefully into IT experts.
ultrai.ae

Sign up for our newsletter

We send just one email a month with technical updates.
Topics include: XSS, CSRF, SSRF, SQLi, BAC.

We care about the protection of your personal data. Update, subscribe or unsubscribe anytime. Read our Privacy Policy.