Discover managed ACQUISITION metrics for WordPress, WooCommerce, Shopify, SaaS. Managed for you on your domain, inside your hosting account, in your country. With a good managed monitoring strategy in place, you'll gain greater transparency & visibility into your operations with a timely alerting system.
Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS JUN 2024 is a -16% DECREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed Security.
As these Cross-Site Scripting cases from publicly reported vulnerable plugins are on your domain, it opens Pandora’s box from a security point of view. The following cases made headlines PUBLICLY just last month in the WP XSS JUN 2024 & WP Cross-Site Scripting category:
3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery | Cross-Site Scripting (XSS) via Bookmark URL |
3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin | Cross-Site Scripting (XSS) |
AA Cash Calculator | Cross-Site Scripting (XSS) via invoice |
Add Custom CSS and JS | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
ADFO | Cross-Site Scripting (XSS) |
Advanced Ads – Ad Manager & AdSense | Cross-Site Scripting (XSS) via Ad Widget |
Advanced iFrame | Cross-Site Scripting (XSS) |
All Bootstrap Blocks | Cross-Site Scripting (XSS) |
Atarim | Unauthenticated Cross-Site Scripting (XSS) |
Automatic | Cross-Site Scripting (XSS) via autoplay Parameter |
Automatic Translator with Auto Translate | Cross-Site Scripting (XSS) via Custom Font |
Awesome Contact Form7 for Elementor | Cross-Site Scripting (XSS) via AEP Contact Form Widget |
AWSOM News Announcement | Cross-Site Scripting (XSS) |
Base64 Encoder/Decoder | Cross-Site Scripting (XSS) |
Base64 Encoder/Decoder | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
Beaver Builder | Cross-Site Scripting (XSS) |
Beaver Builder | Cross-Site Scripting (XSS) via photo widget crop attribute |
Better Elementor Addons | Cross-Site Scripting (XSS) |
Blocksy Companion | Cross-Site Scripting (XSS) via SVG Upload (BAC)s |
Blocksy Theme | Cross-Site Scripting (XSS) |
Blocksy Theme | Cross-Site Scripting (XSS) |
BlogLentor | Cross-Site Scripting (XSS) |
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg | Cross-Site Scripting (XSS) |
Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg | Cross-Site Scripting (XSS) via Multiple Widgets |
Breakdance | Cross-Site Scripting (XSS) |
Brozzme Scroll Top | Cross-Site Scripting (XSS) |
BuddyPress | Cross-Site Scripting (XSS) |
Button contact VR | Cross-Site Scripting (XSS) |
Carousel Slider | Cross-Site Scripting (XSS) |
ChaosTheory Theme | Cross-Site Scripting (XSS) |
Comments Evolved for WordPress | Cross-Site Scripting (XSS) |
Comparison Slider | Cross-Site Scripting (XSS) |
Configure Login Timeout | Cross-Site Scripting (XSS) |
Contact Form & Lead Form Elementor Builder | Cross-Site Scripting (XSS) |
Content Blocks (Custom Post Widget) | Cross-Site Scripting (XSS) |
Content Views | Cross-Site Scripting (XSS) via pagingType Parameter |
Conversational Forms for ChatBot | Cross-Site Scripting (XSS) |
Corona Virus (COVID-19) Banner & Live Data | Cross-Site Scripting (XSS) |
Cost Calculator Builder Pro | Unauthenticated Cross-Site Scripting (XSS) via SVG Upload (BAC) |
Counter Up | Cross-Site Scripting (XSS) |
Crelly Slider | Cross-Site Scripting (XSS) |
Custom Field Suite | Cross-Site Scripting (XSS) |
Custom Fonts – Host Your Fonts Locally | Cross-Site Scripting (XSS) |
Custom Post Type Attachment | Cross-Site Scripting (XSS) via pdf_attachment Shortcode |
Debug Info | Cross-Site Scripting (XSS) |
DethemeKit For Elementor | Cross-Site Scripting (XSS) |
DethemeKit For Elementor | Cross-Site Scripting (XSS) via Multiple Widgets |
DethemeKit For Elementor | Cross-Site Scripting (XSS) via slitems Attribute |
Ditty | Cross-Site Scripting (XSS) |
Divi Builder | DOM-Based Cross-Site Scripting (XSS) |
Divi Theme | DOM-Based Cross-Site Scripting (XSS) |
Download Alt Text AI | Cross-Site Scripting (XSS) |
Download Manager | Cross-Site Scripting (XSS) via wpdm-all-packages Shortcode |
Easy Affiliate Links | Cross-Site Scripting (XSS) |
EasyEvent | Cross-Site Scripting (XSS) |
Edge Theme | Cross-Site Scripting (XSS) |
Elegant Addons for elementor | Cross-Site Scripting (XSS) via HTML tags |
Elegant Blocks | Cross-Site Scripting (XSS) |
Elementor – Header, Footer & Blocks Template | Cross-Site Scripting (XSS) |
Elementor – Header, Footer & Blocks Template | Cross-Site Scripting (XSS) |
Elementor Pro | DOM-Based Cross-Site Scripting (XSS) |
Elementor Website Builder | DOM-Based Cross-Site Scripting (XSS) |
Element Pack Elementor Addons | Cross-Site Scripting (XSS) via custom_attributes |
Elements kit Elementor addons | Cross-Site Scripting (XSS) via Image Accordion Widget |
ElementsKit Pro | Cross-Site Scripting (XSS) |
ElementsReady Addons for Elementor | Cross-Site Scripting (XSS) |
EmbedPress | Cross-Site Scripting (XSS) via id Parameter |
Enter Addons | Cross-Site Scripting (XSS) via Heading widget |
Envo Extra | Cross-Site Scripting (XSS) |
Envo's Elementor Templates & Widgets for WooCommerce | Cross-Site Scripting (XSS) |
Essential Addons for Elementor | Cross-Site Scripting (XSS) |
Essential Addons for Elementor | Cross-Site Scripting (XSS) |
Essential Addons for Elementor | Cross-Site Scripting (XSS) via 'Interactive Circles' |
Essential Addons for Elementor | Cross-Site Scripting (XSS) |
Essential Addons for Elementor | Cross-Site Scripting (XSS) via Twitter Feed |
Essential Addons for Elementor Pro | Cross-Site Scripting (XSS) via Team Member Carousel Widget |
Essential Blocks for Gutenberg | Cross-Site Scripting (XSS) |
Exclusive Addons Elementor | Cross-Site Scripting (XSS) via Team Member Widget |
Extra Theme | DOM-Based Cross-Site Scripting (XSS) |
Falang multilanguage | Cross-Site Scripting (XSS) |
Fancy Elementor Flipbox | Cross-Site Scripting (XSS) |
Fancy Product Designer | Cross-Site Scripting (XSS) |
Featured Content Gallery | Cross-Site Scripting (XSS) |
Fetch JFT | Cross-Site Scripting (XSS) |
Flattr | Cross-Site Scripting (XSS) |
FluentForm | Cross-Site Scripting (XSS) |
FluentForm | Cross-Site Scripting (XSS) |
Folders | Cross-Site Scripting (XSS) via User First Name and Last Name |
Follow Us Badges | Cross-Site Scripting (XSS) via wpsite_follow_us_badges Shortcode |
Form Maker by 10Web | Cross-Site Scripting (XSS) |
Forty Four – 404 Plugin for WordPress | Cross-Site Scripting (XSS) |
FV Flowplayer Video Player | Cross-Site Scripting (XSS) |
gee Search Plus | Cross-Site Scripting (XSS) |
Gianism | Cross-Site Scripting (XSS) |
GiveWP | Cross-Site Scripting (XSS) |
Gold Addons for Elementor | Cross-Site Scripting (XSS) |
Graphina | Cross-Site Scripting (XSS) via Multiple Widgets |
Gum Elementor Addon | Cross-Site Scripting (XSS) via Price Table and Post Slider Widgets |
Gutenberg Blocks by Kadence Blocks | Cross-Site Scripting (XSS) |
Gutenberg Blocks by Kadence Blocks | Cross-Site Scripting (XSS) via Block Link |
Gutenberg Blocks by Kadence Blocks | Cross-Site Scripting (XSS) |
Gutenberg Blocks by Kadence Blocks | Cross-Site Scripting (XSS) |
Gutenverse | Cross-Site Scripting (XSS) |
Happy Addons for Elementor | Cross-Site Scripting (XSS) via Image Stack Group Widget |
Happy Addons for Elementor | Cross-Site Scripting (XSS) via _id Parameter |
Happy Addons for Elementor | Cross-Site Scripting (XSS) via Post Navigation Widget |
Hash Elements | Cross-Site Scripting (XSS) |
Himalayas Theme | Cross-Site Scripting (XSS) |
HL Twitter | Cross-Site Scripting (XSS) via Widget |
HT Mega | Cross-Site Scripting (XSS) via Tooltip & Popover Widget |
HT Mega | Cross-Site Scripting (XSS) |
Html5 Audio Player | Cross-Site Scripting (XSS) via Multiple Widgets |
HUSKY | Cross-Site Scripting (XSS) via Shortcode |
iFrame | Cross-Site Scripting (XSS) |
Image Hover Effects – Elementor Addon | DOM-based Cross-Site Scripting (XSS) via Image Hover Effects Widget |
ImageMagick Sharpen Resized Images | Cross-Site Scripting (XSS) |
Import and export users and customers | Cross-Site Scripting (XSS) |
Jetpack | Cross-Site Scripting (XSS) via wpvideo Shortcode |
KKProgressbar2 Free | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
Landing Page Builder | Cross-Site Scripting (XSS) |
LA-Studio Element Kit for Elementor | Cross-Site Scripting (XSS) via LaStudioKit Post Author Widget |
LA-Studio Element Kit for Elementor | Cross-Site Scripting (XSS) |
LayerSlider | Cross-Site Scripting (XSS) |
Leaflet Maps Marker | Cross-Site Scripting (XSS) via Shortcode |
LearnPress | Cross-Site Scripting (XSS) via layout_html Parameter |
LearnPress | Cross-Site Scripting (XSS) via id Parameter |
LetterPress | Cross-Site Scripting (XSS) |
Link Library | Cross-Site Scripting (XSS) via link-library Shortcode |
List categories | Cross-Site Scripting (XSS) via Shortcode |
Logo Slider | Cross-Site Scripting (XSS) |
LottieFiles – JSON Based Animation Lottie & Bodymovin for Elementor | Cross-Site Scripting (XSS) |
LuckyWP Table of Contents | Cross-Site Scripting (XSS) |
LuckyWP Table of Contents | Cross-Site Scripting (XSS) |
LuckyWP Table of Contents | Cross-Site Scripting (XSS) |
Magazine Blocks | Cross-Site Scripting (XSS) |
Magical Addons For Elementor | Cross-Site Scripting (XSS) |
Magical Addons For Elementor | Cross-Site Scripting (XSS) via Text Effect Widget |
Master Addons for Elementor | Cross-Site Scripting (XSS) |
Master Addons for Elementor | Cross-Site Scripting (XSS) |
Master Slider | Cross-Site Scripting (XSS) |
Media Library Assistant | Cross-Site Scripting (XSS) via lang |
Mega Elements | Cross-Site Scripting (XSS) via Button Widget |
Memberpress | Cross-Site Scripting (XSS) via arglist Parameter |
Menu Icons by ThemeIsle | Cross-Site Scripting (XSS) via SVG Upload (BAC) |
Meow Gallery | Cross-Site Scripting (XSS) |
Mesmerize Companion | Cross-Site Scripting (XSS) via mesmerize_contact_form Shortcode |
MF Gig Calendar | Cross-Site Scripting (XSS) |
Mhr Post Ticker | Cross-Site Scripting (XSS) |
Mihdan: Yandex Turbo Feed | Cross-Site Scripting (XSS) via Shortcode |
month name translation benaceur | Cross-Site Scripting (XSS) |
Move Addons for Elementor | Cross-Site Scripting (XSS) |
Move Addons for Elementor | Cross-Site Scripting (XSS) via Multiple Widgets |
ND Shortcodes For Visual Composer | Cross-Site Scripting (XSS) |
Newsletter Popup | Cross-Site Scripting (XSS) |
NextGEN Gallery | Cross-Site Scripting (XSS) |
NextScripts | Unauthenticated Cross-Site Scripting (XSS) via User Agent |
Opal Estate Pro | Cross-Site Scripting (XSS) |
Optimole | Cross-Site Scripting (XSS) via SVG Upload (BAC) |
OptinMonster | Cross-Site Scripting (XSS) |
Page Builder by SiteOrigin | Cross-Site Scripting (XSS) via 'siteorigin_widget' Shortcode |
PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode | Cross-Site Scripting (XSS) |
Pearl | Cross-Site Scripting (XSS) via Shortcode |
Pet Manager | Cross-Site Scripting (XSS) |
Picture Gallery | Cross-Site Scripting (XSS) |
Piotnet Addons For Elementor | Cross-Site Scripting (XSS) via Multiple Widgets |
Playlist for Youtube | Cross-Site Scripting (XSS) |
Pods | Cross-Site Scripting (XSS) via Pod Form Redirect URL |
Pootle Pagebuilder – WordPress Page builder | Cross-Site Scripting (XSS) |
Popup4Phone | Unauthenticated Cross-Site Scripting (XSS) |
Popup4Phone | Cross-Site Scripting (XSS) |
PopupAlly | Cross-Site Scripting (XSS) |
Popup box | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
Popup Builder | Cross-Site Scripting (XSS) |
Popup Maker WP | Cross-Site Scripting (XSS) |
Popup More Popups | Cross-Site Scripting (XSS) |
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | Cross-Site Scripting (XSS) |
Post Grid | Cross-Site Scripting (XSS) |
Post Grid Elementor Addon | Cross-Site Scripting (XSS) |
Post Grid Master | Auth Cross-Site Scripting (XSS) |
PostX – Gutenberg Blocks for Post Grid | Cross-Site Scripting (XSS) |
PowerPack Addons for Elementor | DOM-Based Cross-Site Scripting (XSS) |
Praison SEO WordPress | Cross-Site Scripting (XSS) |
Premium Addons for Elementor | Cross-Site Scripting (XSS) |
Premium Addons for Elementor | Cross-Site Scripting (XSS) |
Primary Addon for Elementor | Cross-Site Scripting (XSS) via Pricing Table Widget |
Prime Slider – Addons For Elementor | Cross-Site Scripting (XSS) |
ProfilePress | Cross-Site Scripting (XSS) via ProfilePress User Panel Widget |
PropertyHive | Cross-Site Scripting (XSS) |
Propovoice CRM | Cross-Site Scripting (XSS) |
Pure Chat | Cross-Site Scripting (XSS) |
QuickieBar | Cross-Site Scripting (XSS) |
raindrops Theme | Cross-Site Scripting (XSS) |
Rank Math SEO | Cross-Site Scripting (XSS) |
Rank Math SEO | Cross-Site Scripting (XSS) |
reCAPTCHA Jetpack | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
Remote Content Shortcode | Cross-Site Scripting (XSS) |
Reviews and Rating – Google My Business | Cross-Site Scripting (XSS) |
Royal Elementor Addons | Cross-Site Scripting (XSS) via Form Builder Widget |
Sailthru Triggermail | Cross-Site Scripting (XSS) |
Sailthru Triggermail | Cross-Site Scripting (XSS) |
Save as PDF plugin by Pdfcrowd | Cross-Site Scripting (XSS) |
ShareThis Share Buttons | Cross-Site Scripting (XSS) |
Sheets To WP Table Live Sync | Cross-Site Scripting (XSS) |
ShopLentor | Cross-Site Scripting (XSS) via _id |
ShopLentor | Cross-Site Scripting (XSS) |
ShopLentor | Cross-Site Scripting (XSS) via woolentorsearch Shortcode |
Shortcodes Ultimate | Cross-Site Scripting (XSS) |
Shortcodes Ultimate | Cross-Site Scripting (XSS) via su_members Shortcode |
Simple Basic Contact Form | Cross-Site Scripting (XSS) |
Simple Image Popup | Cross-Site Scripting (XSS) (XSS) |
Simple Like Page | Cross-Site Scripting (XSS) via Shortcode |
Simple Membership | Cross-Site Scripting (XSS) via Shortcode |
Simple Popup Manager | Cross-Site Scripting (XSS) |
Simply Schedule Appointments | Cross-Site Scripting (XSS) |
SiteOrigin Widgets Bundle | Cross-Site Scripting (XSS) via 'siteorigin_widget' Shortcode |
SKT Addons for Elementor | Cross-Site Scripting (XSS) |
SKT Addons for Elementor | Cross-Site Scripting (XSS) |
SliceWP | Cross-Site Scripting (XSS) |
Slider Revolution | Cross-Site Scripting (XSS) |
Slider Revolution | Cross-Site Scripting (XSS) via htmltag Parameter |
Social Icons Widget & Block by WPZOOM | Cross-Site Scripting (XSS) |
Spectra | Cross-Site Scripting (XSS) |
Spectra | Cross-Site Scripting (XSS) |
Starter Templates | Cross-Site Scripting (XSS) |
Sticky banner | Cross-Site Scripting (XSS) |
Sticky Social Link | Cross-Site Scripting (XSS) |
Stockholm Core | Cross-Site Scripting (XSS) |
Supreme Modules Lite | DOM-Based Cross-Site Scripting (XSS) |
Survey Maker | Cross-Site Scripting (XSS) via Plugin Settings |
Swift Framework | Cross-Site Scripting (XSS) via Shortcodes |
Swift Framework Page Builder | Cross-Site Scripting (XSS) via Shortcode |
Sydney Toolbox | Cross-Site Scripting (XSS) |
Sydney Toolbox | Cross-Site Scripting (XSS) via aThemes: Portfolio Widget |
Tabellen von faustball.com | Cross-Site Scripting (XSS) |
Table Maker | Cross-Site Scripting (XSS) |
Tainacan | Cross-Site Scripting (XSS) |
Tainacan | Cross-Site Scripting (XSS) |
Testimonial Carousel For Elementor | Cross-Site Scripting (XSS) |
Testimonial Slider | Cross-Site Scripting (XSS) |
The Events Calendar | Cross-Site Scripting (XSS) |
Themify Shortcodes | Cross-Site Scripting (XSS) via themify_button Shortcode |
The Plus Addons for Elementor Page Builder Lite | Cross-Site Scripting (XSS) |
The Plus Addons for Elementor Page Builder Lite | Cross-Site Scripting (XSS) |
The Plus Addons for Elementor Pro | Cross-Site Scripting (XSS) via Heading Title Widget |
Thim Elementor Kit | Cross-Site Scripting (XSS) |
Thim Elementor Kit | Cross-Site Scripting (XSS) via id Parameter |
Toolbar Extras for Elementor & More | Cross-Site Scripting (XSS) |
TT Custom Post Type Creator | Cross-Site Scripting (XSS) |
Uber Menu | Cross-Site Scripting (XSS) via Multiple Shortcodes |
Ultimate Blocks – Gutenberg Blocks Plugin | Cross-Site Scripting (XSS) |
UnGallery | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Cross-Site Scripting (XSS) |
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Cross-Site Scripting (XSS) via Text Field |
Videojs HTML5 Player | Cross-Site Scripting (XSS) |
Viet Affiliate Link | Cross-Site Scripting (XSS) |
Viet Nam Affiliate | Cross-Site Scripting (XSS) |
Visual Footer Credit Remover | Cross-Site Scripting (XSS) |
Visual Portfolio, Photo Gallery & Post Grid | Cross-Site Scripting (XSS) via title_tag Parameter |
Webpushr | Cross-Site Scripting (XSS) |
WidgetKit | Cross-Site Scripting (XSS) |
WOLF | Cross-Site Scripting (XSS) |
WP Backpack | Cross-Site Scripting (XSS) |
WPB Elementor Addons | Cross-Site Scripting (XSS) |
WPCafe | Cross-Site Scripting (XSS) via Reservation Form Shortcode |
WPCS ( WordPress Custom Search ) | Cross-Site Scripting (XSS) |
wpDataTables | Unauthenticated Cross-Site Scripting (XSS) via CSV Import |
WP DSGVO Tools (GDPR) | Cross-Site Scripting (XSS) via Shortcode |
WP etracker | Cross-Site Scripting (XSS) |
WP Font Awesome Share Icons | Cross-Site Scripting (XSS) via Shortcode |
WP Front User Submit / Front Editor | Cross-Site Scripting (XSS) |
WP Google Maps | Cross-Site Scripting (XSS) |
WPKoi Templates for Elementor | Cross-Site Scripting (XSS) via Multiple Parameters |
WP Next Post Navi | Cross-Site Scripting (XSS) |
WPO365 | Cross-Site Scripting (XSS) |
WP Recipe Maker | Cross-Site Scripting (XSS) via wprm-recipe-roundup-item Shortcode |
WP SMS | Cross-Site Scripting (XSS) |
WP Stacker | Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) |
WP Table Builder – WordPress Table Plugin | Cross-Site Scripting (XSS) |
WP To Do | Cross-Site Scripting (XSS) via Settings |
WP Ultimate Post Grid | Cross-Site Scripting (XSS) |
WP Video Lightbox | Cross-Site Scripting (XSS) via width Parameter |
WPZOOM Addons for Elementor (Templates, Widgets) | Cross-Site Scripting (XSS) via Image Box Widget |
Xpro Elementor Addons | Cross-Site Scripting (XSS) |
Xpro Elementor Addons | Cross-Site Scripting (XSS) via Multiple Widgets |
YITH WooCommerce Ajax Search | Unauthenticated Cross-Site Scripting (XSS) |
Yoast SEO | Cross-Site Scripting (XSS) |
Yoast SEO | Cross-Site Scripting (XSS) |
Zotpress | Cross-Site Scripting (XSS) |
WordPress Cross-Site Scripting (XSS) reported in 2023: | 2928 |
WordPress Cross-Site Scripting (XSS) reported in 2024: | 1342 |
How wonderful would be to simply let others take care of your chores? We absolutely understand why you would want that. This is why we propose this unique campaign: the price of a premium cup of coffee per week, for your first managed service.
Start simply by contacting us with your selections:
We care about the protection of your personal data. Update, subscribe or unsubscribe anytime. Read our Privacy Policy.