Discover managed ACQUISITION metrics for WordPress, WooCommerce, Shopify, SaaS. Managed for you on your domain, inside your hosting account, in your country. With a good managed monitoring strategy in place, you'll gain greater transparency & visibility into your operations with a timely alerting system.
Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS OCT 2024 is similarly HIGH compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for managed Security.
As these Cross-Site Scripting cases from publicly reported vulnerable plugins are on your domain, it opens Pandora’s box from a security point of view. The following cases made headlines PUBLICLY just last month in the WP XSS OCT 2024 & WP Cross-Site Scripting category:
| 012 PS Multi Languages | Cross-Site Scripting (XSS) |
| Absolute Reviews | DOM-Based Cross-Site Scripting (XSS) from Criteria Name |
| Accordion | Cross-Site Scripting (XSS) |
| Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin | Cross-Site Scripting (XSS) |
| Accordion Image Menu | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| Advanced Sermons | Cross-Site Scripting (XSS) |
| Advanced Woo Labels | Cross-Site Scripting (XSS) |
| Advanced WordPress Backgrounds | Cross-Site Scripting (XSS) from imageTag Parameter |
| amCharts: Charts and Maps | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| AnWP Football Leagues | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| ARI Fancy Lightbox | Cross-Site Scripting (XSS) |
| Attributes for Blocks | Cross-Site Scripting (XSS) from attributesForBlocks Parameter |
| Author Avatars List/Block | Cross-Site Scripting (XSS) |
| Automatically Hierarchic Categories in Menu | Cross-Site Scripting (XSS) |
| AZIndex | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| BA Book Everything | Cross-Site Scripting (XSS) |
| Beam me up Scotty – Back to Top Button | Cross-Site Scripting (XSS) |
| Beauty Theme | Cross-Site Scripting (XSS) from tpl_featured_cat_id Parameter |
| Betheme Theme | Cross-Site Scripting (XSS) from SVG File |
| Bit Form – Contact Form Plugin | Cross-Site Scripting (XSS) |
| Blockspare | Cross-Site Scripting (XSS) |
| Blogvi Theme | Cross-Site Scripting (XSS) |
| Bold Page Builder | Cross-Site Scripting (XSS) |
| Bold Page Builder | Cross-Site Scripting (XSS) |
| Bricks Builder Theme | Cross-Site Scripting (XSS) |
| BSK Forms Blacklist | Cross-Site Scripting (XSS) |
| BuddyForms | Cross-Site Scripting (XSS) |
| Bulk NoIndex & NoFollow Toolkit | Cross-Site Scripting (XSS) |
| Cab fare calculator | Cross-Site Scripting (XSS) |
| Carousel Slider | Cross-Site Scripting (XSS) |
| Catch Base Theme | Cross-Site Scripting (XSS) |
| Charity Addon for Elementor | Cross-Site Scripting (XSS) |
| Chartify | Cross-Site Scripting (XSS) |
| Chatbot Support AI | Cross-Site Scripting (XSS) |
| CM Pop-Up banners | Cross-Site Scripting (XSS) |
| Coming Soon Page, Under Construction & Maintenance Mode by SeedProd | Cross-Site Scripting (XSS) |
| Common Tools for Site | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Community by PeepSo | Cross-Site Scripting (XSS) from content Parameter |
| Confetti Fall Animation | Cross-Site Scripting (XSS) |
| Contact Form 7 Math Captcha | Cross-Site Scripting (XSS) |
| Contact Form to Any API | Unauthenticated Cross-Site Scripting (XSS) from Contact Form |
| Content Blocks (Custom Post Widget) | Cross-Site Scripting (XSS) |
| Copyscape Premium | CSRF to Cross-Site Scripting (XSS) |
| Cozy Blocks | Cross-Site Scripting (XSS) |
| CP Polls | Cross-Site Scripting (XSS) |
| Create Theme | Cross-Site Scripting (XSS) |
| Cron Jobs | Cross-Site Scripting (XSS) |
| CubeWP Forms – All-in-One Form Builder | Cross-Site Scripting (XSS) |
| Delicate Theme | Cross-Site Scripting (XSS) from Button Shortcode |
| Depicter Slider | Cross-Site Scripting (XSS) |
| DethemeKit For Elementor | Cross-Site Scripting (XSS) |
| Dynamic Featured Image | Cross-Site Scripting (XSS) from dfiFeatured Parameter |
| ElementInvader Addons for Elementor | Cross-Site Scripting (XSS) |
| Elementor Addon Elements | Cross-Site Scripting (XSS) |
| Elementor Website Builder | Cross-Site Scripting (XSS) in the URL Parameter in Multiple Widgets |
| Element Pack Elementor Addons | Cross-Site Scripting (XSS) |
| Elements kit Elementor addons | Cross-Site Scripting (XSS) from Video Widget |
| ElementsReady Addons for Elementor | Cross-Site Scripting (XSS) |
| Email Obfuscate Shortcode | Cross-Site Scripting (XSS) |
| Enter Addons | Cross-Site Scripting (XSS) |
| Envira Photo Gallery | Cross-Site Scripting (XSS) |
| Essential Addons for Elementor | Cross-Site Scripting (XSS) from Fancy Text Widget |
| Essential Blocks for Gutenberg | Cross-Site Scripting (XSS) |
| EU/UK VAT Manager for WooCommerce | Cross-Site Scripting (XSS) |
| EU/UK VAT Manager for WooCommerce | Cross-Site Scripting (XSS) |
| EventON | Cross-Site Scripting (XSS) |
| Exit Notifier | Cross-Site Scripting (XSS) |
| Flaming Forms | Cross-Site Scripting (XSS) |
| Flaming Forms | Unauthenticated Cross-Site Scripting (XSS) |
| Flipping Cards | Cross-Site Scripting (XSS) |
| Floating Contact Button | Cross-Site Scripting (XSS) |
| Form Maker by 10Web | Cross-Site Scripting (XSS) |
| Full frame Theme | Cross-Site Scripting (XSS) |
| Fusion Builder | Cross-Site Scripting (XSS) from fusion_button Shortcode |
| Gallery Lightbox | Cross-Site Scripting (XSS) |
| Garden Gnome Package | Cross-Site Scripting (XSS) |
| Geo Mashup | Cross-Site Scripting (XSS) |
| GEO my WordPress | Cross-Site Scripting (XSS) |
| GF Custom Style | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Giveaways and Contests by RafflePress | Cross-Site Scripting (XSS) |
| Google Calendar Events | Cross-Site Scripting (XSS) |
| Graphicsly | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Greenshift – animation and page builder blocks | Cross-Site Scripting (XSS) |
| GS Logo Slider | Cross-Site Scripting (XSS) |
| GTM Server Side | Cross-Site Scripting (XSS) |
| GTM Server Side | Cross-Site Scripting (XSS) |
| Gum Elementor Addon | Cross-Site Scripting (XSS) |
| Gutenberg Blocks – Un blocks For Gutenberg | Cross-Site Scripting (XSS) |
| GutenGeek Free Gutenberg Blocks for WordPress | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Happy Addons for Elementor | Cross-Site Scripting (XSS) |
| IdeaPush | Cross-Site Scripting (XSS) |
| IMPress for IDX Broker | Cross-Site Scripting (XSS) |
| Include Fussballde Widgets | Cross-Site Scripting (XSS) |
| Jeg Elementor Kit | Cross-Site Scripting (XSS) |
| JobSearch | Cross-Site Scripting (XSS) |
| Keap Official Opt-in Forms | Cross-Site Scripting (XSS) |
| king_IE | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Kodex Posts likes | Cross-Site Scripting (XSS) |
| Kodex Posts likes | Cross-Site Scripting (XSS) |
| Koko Analytics | Cross-Site Scripting (XSS) |
| LA-Studio Element Kit for Elementor | Cross-Site Scripting (XSS) |
| LiteSpeed Cache | Cross-Site Scripting (XSS) |
| LiteSpeed Cache | Cross-Site Scripting (XSS) |
| Livemesh Addons for Elementor | Cross-Site Scripting (XSS) |
| Livemesh Addons for Elementor | Cross-Site Scripting (XSS) from piechart_settings Parameter |
| Logo Carousel – Clients logo carousel for WP | Cross-Site Scripting (XSS) |
| Logo Manager For Enamad | Cross-Site Scripting (XSS) from Widget |
| Loops & Logic | Cross-Site Scripting (XSS) |
| Lucas String Replace | Cross-Site Scripting (XSS) |
| MailOptin | Cross-Site Scripting (XSS) |
| Mapplic Lite | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Master Addons for Elementor | Cross-Site Scripting (XSS) from data-jltma-wrapper-link Element |
| Material Design Icons | Cross-Site Scripting (XSS) from mdi-icon Shortcode |
| MC4WP | Cross-Site Scripting (XSS) |
| MC4WP | Cross-Site Scripting (XSS) |
| Medical Addon for Elementor | Cross-Site Scripting (XSS) |
| Mega Elements | Cross-Site Scripting (XSS) |
| Meta slider and carousel with lightbox | Cross-Site Scripting (XSS) |
| MM-Breaking News | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| MM-Breaking News | Cross-Site Scripting (XSS) |
| Move Addons for Elementor | Cross-Site Scripting (XSS) |
| Move Addons for Elementor | Cross-Site Scripting (XSS) |
| Multipurpose Ticket Booking Manager | Cross-Site Scripting (XSS) |
| My Sticky Bar | Cross-Site Scripting (XSS) |
| Neighborly Theme | Cross-Site Scripting (XSS) from Button Shortcode |
| Newsletters | Cross-Site Scripting (XSS) |
| NEX-Forms – Ultimate Form Builder | Cross-Site Scripting (XSS) |
| NiceJob | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| NiceJob | Cross-Site Scripting (XSS) |
| Ninja Forms File Upload Extension | Unauthenticated Cross-Site Scripting (XSS) from File Upload (BAC) |
| Ninja Forms | Cross-Site Scripting (XSS) |
| Ninja Forms | Self-Based Cross-Site Scripting (XSS) from Referer |
| NinjaTeam Header Footer Custom Code | Cross-Site Scripting (XSS) |
| nm-visitors | Unauthenticated Cross-Site Scripting (XSS) from HTTP Header |
| Nova Blocks by Pixelgrade | Cross-Site Scripting (XSS) from align Attribute |
| OneElements – Best Elementor Addons | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Online Booking & Scheduling Calendar for WordPress by vcita | Cross-Site Scripting (XSS) |
| OSM – OpenStreetMap | Cross-Site Scripting (XSS) from osm_map and osm_map_v Shortcodes |
| Page-list | Cross-Site Scripting (XSS) |
| PDF Thumbnail Generator | Cross-Site Scripting (XSS) |
| Photo Gallery by 10Web | Cross-Site Scripting (XSS) |
| Pixel Cat | Cross-Site Scripting (XSS) |
| Pocket Widget | Cross-Site Scripting (XSS) |
| Popup Maker | Cross-Site Scripting (XSS) |
| Post Grid and Gutenberg Blocks | Cross-Site Scripting (XSS) |
| Preloader Plus - Wordpress Loading Screen Plugin | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Premium Addons for Elementor | Cross-Site Scripting (XSS) from Media Grid Widget |
| Premium Blocks – Gutenberg Blocks for WordPress | Cross-Site Scripting (XSS) |
| Primary Addon for Elementor | Cross-Site Scripting (XSS) |
| Product Slider for WooCommerce | Cross-Site Scripting (XSS) |
| ProfileGrid | Cross-Site Scripting (XSS) |
| Quick Code | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| Quill Forms | Cross-Site Scripting (XSS) |
| Quiz And Survey Master | Cross-Site Scripting (XSS) |
| Radio Player | Cross-Site Scripting (XSS) from align Attribute |
| RD Station | Cross-Site Scripting (XSS) |
| Restaurant & Cafe Addon for Elementor | Cross-Site Scripting (XSS) |
| Review & testimonial widgets | Cross-Site Scripting (XSS) |
| Robokassa payment gateway for Woocommerce | Cross-Site Scripting (XSS) |
| Roles & Capabilities | Cross-Site Scripting (XSS) |
| RomethemeKit For Elementor | Cross-Site Scripting (XSS) |
| Roseta Theme | Cross-Site Scripting (XSS) |
| Search Atlas SEO | Cross-Site Scripting (XSS) |
| Secure Copy Content Protection and Content Locking | Cross-Site Scripting (XSS) |
| Septera Theme | Cross-Site Scripting (XSS) |
| Seriously Simple Stats | Cross-Site Scripting (XSS) |
| Share This Image | Cross-Site Scripting (XSS) from alignment Parameter |
| Share This Image | Cross-Site Scripting (XSS) from STI Buttons Shortcode |
| Share This Image | Cross-Site Scripting (XSS) |
| ShiftController Employee Shift Scheduling | Cross-Site Scripting (XSS) |
| ShopLentor | DOM-Based Cross-Site Scripting (XSS) |
| Sign-up Sheets | Cross-Site Scripting (XSS) |
| Simple LDAP Login | Cross-Site Scripting (XSS) |
| Simple LDAP Login | Cross-Site Scripting (XSS) |
| SKT Templates – Elementor & Gutenberg templates | Cross-Site Scripting (XSS) |
| Sky Addons for Elementor | Cross-Site Scripting (XSS) |
| SliceWP | Cross-Site Scripting (XSS) |
| SliceWP | Cross-Site Scripting (XSS) |
| Slider by 10Web | Cross-Site Scripting (XSS) |
| Slider comparison image before and after | Cross-Site Scripting (XSS) |
| Slideshow Gallery | Cross-Site Scripting (XSS) |
| Social Auto Poster | Cross-Site Scripting (XSS) |
| Spice Starter Sites | Cross-Site Scripting (XSS) |
| Spiffy Calendar | Cross-Site Scripting (XSS) |
| Spiffy Calendar | Cross-Site Scripting (XSS) |
| Starbox | Cross-Site Scripting (XSS) |
| Starbox | Cross-Site Scripting (XSS) |
| Starter Templates | Cross-Site Scripting (XSS) |
| Store Hours for WooCommerce | Cross-Site Scripting (XSS) |
| Super Testimonials | Cross-Site Scripting (XSS) from alignment Parameter |
| tagDiv Composer | Cross-Site Scripting (XSS) from envato_code[] |
| Team Showcase | Cross-Site Scripting (XSS) |
| Terms descriptions | Cross-Site Scripting (XSS) |
| Thanh Toán Quét Mã QR Code Tự Động | Unauthenticated Cross-Site Scripting (XSS) |
| The Events Calendar | Unauthenticated Cross-Site Scripting (XSS) |
| Themedy Toolbox | Cross-Site Scripting (XSS) from Multiple Shortcodes |
| Themesflat Addons For Elementor | Multiple Cross-Site Scripting (XSS) |
| Themify – WooCommerce Product Filter | Cross-Site Scripting (XSS) |
| The Pack Elementor addons | Cross-Site Scripting (XSS) |
| The Post Grid | Cross-Site Scripting (XSS) via Grid Creation |
| The Ultimate WordPress Toolkit – WP Extended | Cross-Site Scripting (XSS) |
| The Ultimate WordPress Toolkit – WP Extended | Cross-Site Scripting (XSS) from page |
| TNC PDF viewer | Cross-Site Scripting (XSS) |
| Triton Lite Theme | Cross-Site Scripting (XSS) from Button Shortcode |
| Tweaker5 Theme | Cross-Site Scripting (XSS) from Button Shortcode |
| Ultimate Blocks – Gutenberg Blocks Plugin | Cross-Site Scripting (XSS) |
| Ultimate Store Kit Elementor Addons | Cross-Site Scripting (XSS) |
| Un Elements For Elementor (Free Widgets, Addons, Templates) | Cross-Site Scripting (XSS) |
| VdoCipher | Cross-Site Scripting (XSS) |
| Verbosa Theme | Cross-Site Scripting (XSS) |
| viala Theme | Cross-Site Scripting (XSS) |
| Waitlist Woocommerce ( Back in stock notifier ) | Cross-Site Scripting (XSS) |
| WCFM Marketplace | Cross-Site Scripting (XSS) |
| Web Directory Free | Cross-Site Scripting (XSS) |
| WP Abstracts | Cross-Site Scripting (XSS) |
| WP AdCenter | Cross-Site Scripting (XSS) from ad_alignment Attribute |
| WP Booking System | Cross-Site Scripting (XSS) |
| WP Bulk Delete | Cross-Site Scripting (XSS) |
| WP Category Dropdown | Cross-Site Scripting (XSS) from align Parameter |
| WPCOM Member | Cross-Site Scripting (XSS) |
| WP Compress – Image Optimizer [All-In-One] | Cross-Site Scripting (XSS) |
| WP Custom Fields Search | Cross-Site Scripting (XSS) from wpcfs-preset Shortcode |
| WP Datepicker | Cross-Site Scripting (XSS) |
| WP-DownloadManager | Cross-Site Scripting (XSS) |
| WPFactory Helper | Cross-Site Scripting (XSS) |
| WP GPX Map | Cross-Site Scripting (XSS) from sgpx Shortcode |
| WP-Lister Lite for eBay | Cross-Site Scripting (XSS) |
| WP Mail Catcher | Cross-Site Scripting (XSS) |
| WP Meta SEO | Cross-Site Scripting (XSS) |
| WPMobileApp | Cross-Site Scripting (XSS) |
| WP MultiTasking | Cross-Site Scripting (XSS) |
| WP MultiTasking | Cross-Site Scripting (XSS) |
| WP MyLinks | Cross-Site Scripting (XSS) |
| WP Simple Booking Calendar | Cross-Site Scripting (XSS) |
| WP Test Email | Cross-Site Scripting (XSS) |
| WP Timeline – Vertical and Horizontal timeline plugin | Cross-Site Scripting (XSS) |
| WP Travel | Cross-Site Scripting (XSS) |
| WP Travel Gutenberg Blocks | Cross-Site Scripting (XSS) |
| WP ULike | Cross-Site Scripting (XSS) |
| WP-WebAuthn | Cross-Site Scripting (XSS) |
| WPZOOM Portfolio | Cross-Site Scripting (XSS) from align Attribute |
| WPZOOM Shortcodes | Cross-Site Scripting (XSS) from box Shortcode |
| WS Form LITE | Cross-Site Scripting (XSS) |
| XLTab – Accordions and Tabs for Elementor Page Builder | Cross-Site Scripting (XSS) |
| XT Ajax Add To Cart for WooCommerce | Cross-Site Scripting (XSS) |
| YellowPencil Visual CSS Style Editor | Cross-Site Scripting (XSS) |
| YITH Custom Login | Cross-Site Scripting (XSS) |
| YITH WooCommerce Product Add-Ons | Cross-Site Scripting (XSS) |
| Zoho Forms | Cross-Site Scripting (XSS) |
| Zotpress | Cross-Site Scripting (XSS) |
| WordPress Cross-Site Scripting (XSS) reported in 2023: | 2928 |
| WordPress Cross-Site Scripting (XSS) reported in 2024: | 2430 |
How wonderful would be to simply let others take care of your chores? We absolutely understand why you would want that. This is why we propose this unique campaign: the price of a premium cup of coffee per week, for your first managed service.
Start simply by contacting us with your selections:
We care about the protection of your personal data. Update, subscribe or unsubscribe anytime. Read our Privacy Policy.