Scroll Top

WP XSS APR 2024: 437 Effortless WP Cross-Site Scripting

By Csaba, Miklós WP Security owl WAF 9 April 2024

WP XSS APR 2024 – WP CROSS-SITE SCRIPTING

WP XSS APR 2024

WP Cross-Site Scripting

Tailored WP & Woo Security Report

Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS APR 2024 is a +197% INCREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin – OR – Hire professionals for tailored WP Security.

WHO needs tailored WP security? EVERYBODY!

Today’s reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate “gazillion” different threats in your WordPress. Get your WP Cross-Site Scripting Patch Management.

SHOP NOW

The following cases made headlines PUBLICLY just last month in the WP XSS APR 2024 & WP Cross-Site Scripting category:

SpiderFAQ Cross-Site Scripting (XSS)
Add Shortcodes Actions And Filters Cross-Site Scripting (XSS)
AdsPlace’r – Ad Manager, Inserter, AdSense Ads Cross-Site Scripting (XSS)
Advanced Access Manager Cross-Site Scripting (XSS)
Advanced Access Manager Cross-Site Scripting (XSS)
Advanced Form Integration SQL Injection (SQLi) to Cross-Site Scripting (XSS) via integration_id
Advanced Sermons Cross-Site Scripting (XSS)
Advanced Sermons Cross-Site Scripting (XSS)
Advanced Social Feeds Widget & Shortcode Cross-Site Scripting (XSS)
Aesop Story Engine Cross-Site Scripting (XSS)
affiliate-toolkit Cross-Site Scripting (XSS)
AI Engine: ChatGPT Chatbot Unauthenticated Cross-Site Scripting (XSS)
AI Twitter Feeds (Twitter widget & shortcode) Cross-Site Scripting (XSS)
Ajax Load More Cross-Site Scripting (XSS)
All In One Redirection Cross-Site Scripting (XSS)
Amelia Cross-Site Scripting (XSS)
Animated Headline Cross-Site Scripting (XSS) via Shortcode
AntiSpam for Contact Form 7 Cross-Site Scripting (XSS)
Aparat for WordPress Cross-Site Scripting (XSS)
APIExperts Square for WooCommerce Cross-Site Scripting (XSS)
Appointment Calendar Cross-Site Scripting (XSS)
ARMember Cross-Site Scripting (XSS)
Astra Theme Cross-Site Scripting (XSS)
Astra Theme Cross-Site Scripting (XSS) Through Display Name
Automation By Autonami Cross-Site Scripting (XSS)
Avada Theme Cross-Site Scripting (XSS) via Shortcode
B Slider – Slider for your block editor Cross-Site Scripting (XSS)
Barcode Scanner with Inventory & Order Manager Cross-Site Scripting (XSS)
BEAR Cross-Site Scripting (XSS)
Beaver Builder Cross-Site Scripting (XSS)
Beaver Builder Cross-Site Scripting (XSS) via heading tag
Beaver Builder Addons by WPZOOM Cross-Site Scripting (XSS)
Better Elementor Addons Cross-Site Scripting (XSS) via widget links
Better Elementor Addons Cross-Site Scripting (XSS)
Better Search Cross-Site Scripting (XSS)
BetterDocs Cross-Site Scripting (XSS) via Shortcode
BizPrint Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Blocksy Companion Cross-Site Scripting (XSS)
Blocksy Theme Cross-Site Scripting (XSS)
Blue Triad EZAnalytics Cross-Site Scripting (XSS) via ‘bt_webid’
Bold Page Builder Cross-Site Scripting (XSS)
Bold Page Builder Cross-Site Scripting (XSS)
Booking Activities Cross-Site Scripting (XSS)
Booster for WooCommerce Cross-Site Scripting (XSS)
Booster for WooCommerce Cross-Site Scripting (XSS) via Shortocde
Breeze Cross-Site Scripting (XSS)
Broken Images Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
BuddyForms Cross-Site Scripting (XSS)
Bulk NoIndex & NoFollow Toolkit Cross-Site Scripting (XSS)
Burst Statistics Cross-Site Scripting (XSS) via burst_total_pageviews_count
Calculated Fields Form Cross-Site Scripting (XSS)
Calculated Fields Form Unauthenticated Cross-Site Scripting (XSS)
Calendarista Basic Edition Cross-Site Scripting (XSS)
Cards for Beaver Builder Cross-Site Scripting (XSS) via bootstrapcard link
Carousel Anything For WPBakery Page Builder Cross-Site Scripting (XSS)
Change default login logo,url and title Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Christmas Greetings Cross-Site Scripting (XSS)
Church Admin Cross-Site Scripting (XSS)
Church Admin Cross-Site Scripting (XSS)
Co-marquage service-public.fr Cross-Site Scripting (XSS)
Co-marquage service-public.fr Cross-Site Scripting (XSS)
CoBlocks Cross-Site Scripting (XSS)
collectchat Cross-Site Scripting (XSS)
ColorMag Theme Cross-Site Scripting (XSS) via Display Name
Comic Easel Cross-Site Scripting (XSS)
Compact WP Audio Player Cross-Site Scripting (XSS)
Contact Form 7 Cross-Site Scripting (XSS)
Contact Form 7 – PayPal & Stripe Add-on Cross-Site Scripting (XSS)
Contact Form 7 Newsletter Cross-Site Scripting (XSS)
Contact Form by BestWebSoft Cross-Site Scripting (XSS)
Contact Form Entries Cross-Site Scripting (XSS) via shortcode
Contact Forms by Cimatti Cross-Site Scripting (XSS)
Contact Forms by Cimatti Unauthenticated Cross-Site Scripting (XSS)
Contest Gallery Cross-Site Scripting (XSS)
Contest Gallery Cross-Site Scripting (XSS)
Contests by Rewards Fuel Cross-Site Scripting (XSS) via Update (BAC)_rewards_fuel_api_key
Contests by Rewards Fuel Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Conversios.io Cross-Site Scripting (XSS)
Convert Post Types Cross-Site Scripting (XSS)
Cornerstone Cross-Site Scripting (XSS)
Coupon Affiliates Cross-Site Scripting (XSS)
Creative Image Slider – Responsive Slider Plugin Cross-Site Scripting (XSS)
Crisp Cross-Site Scripting (XSS)
CRM Perks Forms Cross-Site Scripting (XSS)
Crypto Converter Widget Cross-Site Scripting (XSS)
Custom Field Bulk Editor Cross-Site Scripting (XSS)
Custom WooCommerce Checkout Fields Editor Cross-Site Scripting (XSS)
CWW Companion Cross-Site Scripting (XSS)
Database for Contact Form 7 Unauthenticated Cross-Site Scripting (XSS)
DD Rating Cross-Site Scripting (XSS)
DearFlip Cross-Site Scripting (XSS)
Doneren met Mollie Cross-Site Scripting (XSS)
Download Manager Cross-Site Scripting (XSS)
Dracula Dark Mode – The Revolutionary Dark Mode Plugin For WordPress Cross-Site Scripting (XSS)
Droit Elementor Addons Cross-Site Scripting (XSS)
Dropdown Multisite selector Cross-Site Scripting (XSS)
DX-Watermark Cross-Site Request Forgery (CSRF) to Arbitrary File Upload (BAC) and Cross-Site Scripting (XSS)
Easy Accordion Cross-Site Scripting (XSS)
Easy Appointments Cross-Site Scripting (XSS)
Easy Social Feed Cross-Site Scripting (XSS)
Easy Social Feed Cross-Site Scripting (XSS) via Shortcode
Easy Social Share Buttons Cross-Site Scripting (XSS)
Easy Textillate Cross-Site Scripting (XSS) via Shortcode
Easy!Appointments Cross-Site Scripting (XSS)
Element Pack Elementor Addons Cross-Site Scripting (XSS)
ElementInvader Addons for Elementor Cross-Site Scripting (XSS)
Elementor – Header, Footer & Blocks Template Cross-Site Scripting (XSS)
Elementor Addon Elements Cross-Site Scripting (XSS)
Elementor Addon Elements Cross-Site Scripting (XSS) via ‘Text Separator’ and ‘Image Compare’ Widget
Elementor Addon Elements Cross-Site Scripting (XSS)
Elementor Pro Cross-Site Scripting (XSS)
Elementor Pro Cross-Site Scripting (XSS)
Elementor Pro Cross-Site Scripting (XSS)
Elementor Pro Cross-Site Scripting (XSS)
Elementor Pro Cross-Site Scripting (XSS)
Elementor Website Builder Cross-Site Scripting (XSS)
Elements kit Elementor addons Cross-Site Scripting (XSS) via Image Accordion Widget
Elements kit Elementor addons Cross-Site Scripting (XSS)
Elements kit Elementor addons Cross-Site Scripting (XSS)
Elements Plus! Cross-Site Scripting (XSS) via widget links
Email Subscribers & Newsletters Cross-Site Scripting (XSS)
Email Subscription Popup Cross-Site Scripting (XSS)
EmbedPress Cross-Site Scripting (XSS) via Attribute
EmbedPress Cross-Site Scripting (XSS) via Wistia Block
EmbedPress Cross-Site Scripting (XSS) via EmbedPress PDF Widget
Essential Addons for Elementor Cross-Site Scripting (XSS)
Essential Addons for Elementor Cross-Site Scripting (XSS) via Event Calendar
Essential Addons for Elementor Cross-Site Scripting (XSS) via Data Table
EventPrime Cross-Site Scripting (XSS)
EventPrime Unauthenticated Cross-Site Scripting (XSS)
Events Manager Cross-Site Scripting (XSS)
Evergreen Content Poster Cross-Site Scripting (XSS)
Exchange Rates Widget Cross-Site Scripting (XSS)
Exclusive Addons Elementor Cross-Site Scripting (XSS)
Exclusive Addons Elementor Cross-Site Scripting (XSS)
Exclusive Addons Elementor Cross-Site Scripting (XSS) via Call to Action Widget
Exclusive Addons Elementor Cross-Site Scripting (XSS)
Exclusive Addons Elementor Cross-Site Scripting (XSS) via Covid Stats Widget
Exclusive Addons Elementor Cross-Site Scripting (XSS) via Countdown Timer Widget
Extensions For CF7 Unauthenticated Cross-Site Scripting (XSS)
Fancy Comments WordPress Cross-Site Scripting (XSS)
Favicon Rotator Cross-Site Scripting (XSS)
Five Star Restaurant Menu Cross-Site Scripting (XSS)
FlatPM Cross-Site Scripting (XSS)
Fluent CRM Cross-Site Scripting (XSS)
FluentForm Cross-Site Scripting (XSS)
Football Pool Cross-Site Scripting (XSS)
Forminator Cross-Site Scripting (XSS)
Free Downloads WooCommerce Cross-Site Scripting (XSS)
Frontend Dashboard Cross-Site Scripting (XSS)
Fullscreen Galleria Cross-Site Scripting (XSS)
Funnel Builder by CartFlows Cross-Site Scripting (XSS)
FV Flowplayer Video Player Cross-Site Scripting (XSS)
FV Flowplayer Video Player Cross-Site Scripting (XSS)
GamiPress Cross-Site Scripting (XSS) via Shortcode
GamiPress – Button Cross-Site Scripting (XSS) via Shortcode
Geo Controller Cross-Site Scripting (XSS)
GetResponse for WordPress Cross-Site Scripting (XSS)
Getwid – Gutenberg Blocks Cross-Site Scripting (XSS) via Block Content
Giveaways and Contests by RafflePress Unauthenticated Cross-Site Scripting (XSS)
GiveWP Cross-Site Scripting (XSS)
GiveWP Cross-Site Scripting (XSS)
Gratisfaction Cross-Site Scripting (XSS)
Grid Shortcodes Cross-Site Scripting (XSS)
GS Pins for Pinterest Cross-Site Scripting (XSS)
GS Testimonial Slider Cross-Site Scripting (XSS)
Gum Elementor Addon Cross-Site Scripting (XSS) via Post Meta Widget
Gutenberg Blocks by Kadence Blocks Cross-Site Scripting (XSS) via Testimonial Widget
Gutenberg Blocks by Kadence Blocks Cross-Site Scripting (XSS)
Hacklog Down As PDF Cross-Site Scripting (XSS)
Happy Addons for Elementor Cross-Site Scripting (XSS)
Happy Addons for Elementor Cross-Site Scripting (XSS) via Archive Title Widget
Happy Addons for Elementor Cross-Site Scripting (XSS) via Author Meta Widget
Hash Elements Cross-Site Scripting (XSS)
Header Image Slider Cross-Site Scripting (XSS)
HeartThis Cross-Site Scripting (XSS)
Hot Random Image Cross-Site Scripting (XSS)
HT Easy GA4 ( Google Analytics 4 ) Cross-Site Scripting (XSS)
HT Mega Cross-Site Scripting (XSS)
HT Mega Cross-Site Scripting (XSS) via titleTag
HT Mega Cross-Site Scripting (XSS) via Post Carousel Widget
HUSKY – Products Filter for WooCommerce (formerly WOOF) Cross-Site Scripting (XSS) via Shortcode
iCalendrier Cross-Site Scripting (XSS)
IDonate – blood request management system Cross-Site Scripting (XSS)
iFlyChat – WordPress Chat Cross-Site Scripting (XSS)
Image Hover Effects – Elementor Addon Cross-Site Scripting (XSS)
Invitation Code Content Restriction Plugin from CreativeMinds Cross-Site Scripting (XSS)
Jeg Elementor Kit Cross-Site Scripting (XSS) via HTML Tags
Jeg Elementor Kit Cross-Site Scripting (XSS)
JetWidgets For Elementor Cross-Site Scripting (XSS) via Widget Button URL
JetWidgets For Elementor Cross-Site Scripting (XSS) via Animated Box Widget
Jobeleon Theme Cross-Site Scripting (XSS)
Jobs for WordPress Cross-Site Scripting (XSS)
Kanban Boards for WordPress Cross-Site Scripting (XSS)
Knight Lab Timeline Cross-Site Scripting (XSS) via Shortcode
LA-Studio Element Kit for Elementor Cross-Site Scripting (XSS)
Landing Page Builder Cross-Site Scripting (XSS)
Lightweight Accordion Cross-Site Scripting (XSS) via Shortcode
Limit Attempts by BestWebSoft Cross-Site Scripting (XSS)
Link Library Cross-Site Scripting (XSS)
Link Library Cross-Site Scripting (XSS)
Link Whisper Free Cross-Site Scripting (XSS)
Livemesh Addons for Elementor Cross-Site Scripting (XSS)
Livemesh Addons for WPBakery Page Builder Cross-Site Scripting (XSS)
Livemesh Addons for WPBakery Page Builder Cross-Site Scripting (XSS) via Shortcode
Locatoraid Store Locator Cross-Site Scripting (XSS)
Lordicon Animated Icons Cross-Site Scripting (XSS)
MailChimp Forms by MailMunch Cross-Site Scripting (XSS)
Mailster Cross-Site Scripting (XSS)
Mang Board WP Cross-Site Scripting (XSS)
Master Addons for Elementor Cross-Site Scripting (XSS) via Pricing Table Widget
Master Addons for Elementor Cross-Site Scripting (XSS)
Master Slider Cross-Site Scripting (XSS) via slider callback
Master Slider Cross-Site Scripting (XSS)
Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more Cross-Site Scripting (XSS)
Media Library Assistant Cross-Site Scripting (XSS) via mla_gallery Shortcode
Memberpress Cross-Site Scripting (XSS) via message and error
Metform Elementor Contact Form Builder Cross-Site Scripting (XSS) via Shortcode
Mighty Classic Pros And Cons Cross-Site Scripting (XSS)
MJM Clinic Cross-Site Scripting (XSS)
MJM Clinic Cross-Site Scripting (XSS)
Modal Window Cross-Site Scripting (XSS) via Shortcode
Molongui Cross-Site Scripting (XSS)
Move Addons for Elementor Cross-Site Scripting (XSS)
Move Addons for Elementor Cross-Site Scripting (XSS)
MP3 Audio Player for Music, Radio & Podcast by Sonaar Cross-Site Scripting (XSS)
MyBookTable Bookstore Cross-Site Scripting (XSS)
MyCurator Content Curation Cross-Site Scripting (XSS)
New RoyalSlider Cross-Site Scripting (XSS)
Newsletter2Go Cross-Site Scripting (XSS) via style
Nextend Facebook Connect Cross-Site Scripting (XSS) via error_description
Ninja Forms Cross-Site Scripting (XSS)
Off-Canvas Sidebars & Menus (Slidebars) Cross-Site Scripting (XSS)
oik Cross-Site Scripting (XSS) via Shortcode
OneClick Chat to Order Cross-Site Scripting (XSS)
OpenID Cross-Site Scripting (XSS)
OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) Cross-Site Scripting (XSS)
Orbit Fox by ThemeIsle Cross-Site Scripting (XSS) via Registration Form Widget
Otter – Gutenberg Block Cross-Site Scripting (XSS)
Otter – Gutenberg Block Cross-Site Scripting (XSS)
Otter Blocks PRO Cross-Site Scripting (XSS) via File Field CSS
Otter Blocks PRO Unauthenticated Cross-Site Scripting (XSS) via SVG Upload (BAC)
OxyExtras Cross-Site Scripting (XSS)
Page Builder by SiteOrigin Cross-Site Scripting (XSS) via Legacy Image Widget
PageLayer Cross-Site Scripting (XSS) via custom attributes
PageLayer Cross-Site Scripting (XSS) via Custom Attributes
pageMash > Page Management Cross-Site Scripting (XSS)
Passwordless Login Cross-Site Scripting (XSS)
PDF Builder for WPForms Cross-Site Scripting (XSS)
PDF Embedder Cross-Site Scripting (XSS)
PDF Viewer for Elementor Cross-Site Scripting (XSS)
Permalink Manager Lite Cross-Site Scripting (XSS)
Permalink Manager Lite Cross-Site Scripting (XSS)
Permalink Manager Pro Cross-Site Scripting (XSS)
Photo Gallery by Ays Cross-Site Scripting (XSS)
Photo Gallery by Supsystic Cross-Site Scripting (XSS)
Piotnet Addons For Elementor Cross-Site Scripting (XSS)
Platinum SEO Cross-Site Scripting (XSS)
Pocket News Generator Cross-Site Scripting (XSS)
Podlove Podcast Publisher Cross-Site Scripting (XSS)
Podlove Web Player Cross-Site Scripting (XSS)
Popup Builder Cross-Site Scripting (XSS)
Popup Maker Cross-Site Scripting (XSS)
Portfolio Gallery – Image Gallery Plugin Cross-Site Scripting (XSS)
Post and Page Builder by BoldGrid – Visual Drag and Drop Editor Cross-Site Scripting (XSS)
Post Grid Cross-Site Scripting (XSS)
Post Grid, Slider & Carousel Ultimate Cross-Site Scripting (XSS)
Post SMTP Mailer/Email Log Cross-Site Scripting (XSS)
Post-Plugin Library Cross-Site Scripting (XSS)
PowerPack Lite for Beaver Builder Cross-Site Scripting (XSS) via element link
Premium Addons for Elementor Cross-Site Scripting (XSS)
Premium Addons for Elementor Cross-Site Scripting (XSS)
Premium Addons PRO Multiple Cross-Site Scripting (XSS)
Premium Packages Cross-Site Scripting (XSS)
Prenotazioni Cross-Site Scripting (XSS)
Preview E-mails for WooCommerce Cross-Site Scripting (XSS)
Prime Slider – Addons For Elementor Cross-Site Scripting (XSS)
Prime Slider – Addons For Elementor Cross-Site Scripting (XSS) via Rubix Widget
Prime Slider – Addons For Elementor Cross-Site Scripting (XSS) via Mercury Widget
Print Page block Cross-Site Scripting (XSS)
Product Feed PRO for WooCommerce Cross-Site Scripting (XSS)
Profile Box Shortcode And Widget Cross-Site Scripting (XSS)
ProfilePress Cross-Site Scripting (XSS) via Shortcode
PropertyHive Cross-Site Scripting (XSS)
Pz-LinkCard Cross-Site Scripting (XSS)
Qi Addons For Elementor Cross-Site Scripting (XSS)
Quiz And Survey Master Cross-Site Scripting (XSS)
Radio Player Cross-Site Scripting (XSS)
Rank Math SEO Cross-Site Scripting (XSS) via HowTo block attributes
Real Media Library Lite Cross-Site Scripting (XSS)
ReDi Restaurant Reservation Cross-Site Scripting (XSS)
RegistrationMagic Cross-Site Scripting (XSS)
Responsive flipbook Cross-Site Scripting (XSS)
Responsive Image Gallery, Gallery Album Cross-Site Scripting (XSS)
Responsive Image Gallery, Gallery Album Cross-Site Scripting (XSS)
Responsive Pricing Table Cross-Site Scripting (XSS)
Restrict User Access – Membership Plugin with Force Cross-Site Scripting (XSS)
ReviewX Cross-Site Scripting (XSS)
Royal Elementor Addons Cross-Site Scripting (XSS) via Logo Widget
Sassy Social Share Cross-Site Scripting (XSS) via Shortcode
Scalable Vector Graphics (SVG) Cross-Site Scripting (XSS) via SVG
Scrollsequence Cross-Site Scripting (XSS)
SEO Backlink Monitor Cross-Site Scripting (XSS)
SEO Plugin by Squirrly SEO Cross-Site Scripting (XSS)
SEO Title Tag Cross-Site Scripting (XSS)
SEOPress Cross-Site Scripting (XSS)
Seriously Simple Podcasting Cross-Site Scripting (XSS)
Shariff Wrapper Cross-Site Scripting (XSS)
Shariff Wrapper Cross-Site Scripting (XSS) via Shortcode
Shariff Wrapper Cross-Site Scripting (XSS)
Shariff Wrapper Cross-Site Scripting (XSS)
Shipping with Venipak for WooCommerce Cross-Site Scripting (XSS)
Shortlinks by Pretty Links Cross-Site Scripting (XSS)
Simple Ajax Chat Cross-Site Scripting (XSS)
Simple Ajax Chat Unauthenticated StoredCross-Site Scripting (XSS)
Simple Membership Unauthenticated SelfBasedCross-Site Scripting (XSS)
Simply Schedule Appointments Cross-Site Scripting (XSS)
Simply Static Cross-Site Scripting (XSS)
Sina Extension for Elementor Cross-Site Scripting (XSS)
Site Reviews Cross-Site Scripting (XSS)
Site Reviews Cross-Site Scripting (XSS) via display name
Sitekit Cross-Site Scripting (XSS)
SiteOrigin Widgets Bundle Cross-Site Scripting (XSS)
Sky Addons for Elementor Cross-Site Scripting (XSS) via Wrapper Link URL
Slider by Supsystic Cross-Site Scripting (XSS)
Slider Hero Cross-Site Scripting (XSS)
Smart Online Order for Clover Cross-Site Scripting (XSS)
Social Author Bio Cross-Site Scripting (XSS) via Cross Site Request Forgery (CSRF)
SP Project & Document Manager Broken Access Control (BAC) to Cross-Site Scripting (XSS)
Special Box for Content Cross-Site Scripting (XSS)
Specific Content For Mobile – Customize the mobile version without redirections Cross-Site Scripting (XSS)
Spiffy Calendar Cross-Site Scripting (XSS)
Spin 360 deg and 3D Model Viewer Cross-Site Scripting (XSS)
Sponsors Cross-Site Scripting (XSS)
Stackable – Page Builder Gutenberg Blocks Cross-Site Scripting (XSS) via Posts Block
Standout Color Boxes and Buttons Cross-Site Scripting (XSS) via Shortcode
Starbox Cross-Site Scripting (XSS)
Sticky Anything Cross-Site Scripting (XSS)
Stratum Cross-Site Scripting (XSS)
StreamWeasels Twitch Integration Cross-Site Scripting (XSS)
Sunshine Photo Cart Cross-Site Scripting (XSS)
Super Page Cache for Cloudflare Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
SupportCandy Cross-Site Scripting (XSS)
Survey Maker Cross-Site Scripting (XSS)
Survey Maker Cross-Site Scripting (XSS)
Sydney Toolbox Cross-Site Scripting (XSS) via _id
System Dashboard Cross-Site Scripting (XSS) via Header Injection
Table & Contact Form 7 Database – Tablesome Cross-Site Scripting (XSS)
Tax Rate Upload Cross-Site Scripting (XSS)
Team Members Cross-Site Scripting (XSS)
The Moneytizer Cross-Site Scripting (XSS)
The Plus Addons for Elementor Page Builder Lite Cross-Site Scripting (XSS) Header Meta Content Widget
The Plus Blocks for Block Editor | Gutenberg Cross-Site Scripting (XSS)
Themify Event Post Cross-Site Scripting (XSS)
Themify Shortcodes Cross-Site Scripting (XSS)
Ticket Tailor Cross-Site Scripting (XSS)
Tourfic Cross-Site Scripting (XSS)
Tourfic Cross-Site Scripting (XSS)
Tracking Code Manager Cross-Site Scripting (XSS)
Travelers’ Map Cross-Site Scripting (XSS)
Tumult Hype Animations Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Tutor LMS Elementor Addons Cross-Site Scripting (XSS)
Ultimate Bootstrap Elements for Elementor Cross-Site Scripting (XSS)
Ultimate Member Unauthenticated Cross-Site Scripting (XSS)
Ultimate Posts Widget Cross-Site Scripting (XSS)
Ultimate Social Comments – Email Notification & Lazy Load Cross-Site Scripting (XSS)
underConstruction Cross-Site Scripting (XSS)
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Cross-Site Scripting (XSS)
User profile Cross-Site Scripting (XSS)
User Registration Unauthenticated SelfBasedCross-Site Scripting (XSS)
User Rights Access Manager Cross-Site Scripting (XSS)
UsersWP Cross-Site Scripting (XSS) via Shortcode
UX Flat Cross-Site Scripting (XSS) via Shortcode
Video Conferencing with Zoom Cross-Site Scripting (XSS) via Shortcode
Visual Composer Website Builder Cross-Site Scripting (XSS)
Visual Composer Website Builder Cross-Site Scripting (XSS)
Visualizer Cross-Site Scripting (XSS)
VK All in One Expansion Unit Cross-Site Scripting (XSS) via className
WC Builder Cross-Site Scripting (XSS)
WC Marketplace Cross-Site Scripting (XSS)
WCFM – Frontend Manager for WooCommerce Cross-Site Scripting (XSS)
Web Icons Cross-Site Scripting (XSS)
Web Icons Cross-Site Scripting (XSS)
Webinar and Video Conference with Jitsi Meet Cross-Site Scripting (XSS)
Website Article Monetization By MageNet Unauthenticated Cross-Site Scripting (XSS)
Weekly Class Schedule Cross-Site Scripting (XSS)
weForms Unauthenticated Cross-Site Scripting (XSS) via Referer
Weglot Translate Cross-Site Scripting (XSS) via Block Attributes
WEN Responsive Columns Cross-Site Scripting (XSS)
Widget for Social Page Feeds Cross-Site Scripting (XSS)
WishSuite Cross-Site Scripting (XSS)
Woo Viet Cross-Site Scripting (XSS)
WooCommerce Bookings Calendar Cross-Site Scripting (XSS)
WooCommerce Google Feed Manager Cross-Site Scripting (XSS)
WooCommerce License Manager Cross-Site Scripting (XSS)
WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Cross-Site Scripting (XSS)
WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels Unauthenticated Cross-Site Scripting (XSS)
Woocommerce Social Media Share Buttons Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
WooLentor Cross-Site Scripting (XSS) via Banner Link
WooThumbs for WooCommerce by Iconic Cross-Site Scripting (XSS)
WordPress Importer Cross-Site Scripting (XSS)
WordPress Meta Data and Taxonomies Filter (MDTF) Cross-Site Scripting (XSS)
WordPress Meta Data and Taxonomies Filter (MDTF) Cross-Site Scripting (XSS)
WordPress Meta Data and Taxonomies Filter (MDTF) Cross-Site Scripting (XSS)
WordPress Page Builder – Zion Builder Cross-Site Scripting (XSS)
WP Armour – Honeypot Anti Spam Cross-Site Scripting (XSS)
WP Calameo Cross-Site Scripting (XSS)
WP Change Email Sender Cross-Site Scripting (XSS)
WP Chat App Cross-Site Scripting (XSS) via Block Attributes
WP Coder Cross-Site Scripting (XSS)
WP Directory Kit Cross-Site Scripting (XSS)
WP Editor Cross-Site Scripting (XSS)
WP Fast Total Search Cross-Site Scripting (XSS)
WP Google Maps Cross-Site Scripting (XSS)
WP Google Maps Cross-Site Scripting (XSS)
WP Google Maps Cross-Site Scripting (XSS) via Shortcode
WP Poll Maker Cross-Site Scripting (XSS)
WP Popups Cross-Site Scripting (XSS)
WP Post Disclaimer Cross-Site Scripting (XSS)
WP Recipe Maker Cross-Site Scripting (XSS) via Video Embed
WP Responsive Tabs horizontal vertical and accordion Tabs Cross-Site Scripting (XSS)
WP Statistics Unauthenticated Cross-Site Scripting (XSS)
WP Twitter Mega Fan Box Widget Cross-Site Scripting (XSS)
WP-CRM System Cross-Site Scripting (XSS)
WP-Eggdrop Cross-Site Scripting (XSS)
wp-forecast Cross-Site Scripting (XSS)
WP-Lister Lite for Amazon Cross-Site Scripting (XSS)
WP-Lister Lite for Amazon Cross-Site Scripting (XSS)
WP-Members Cross-Site Scripting (XSS) via Shortcode
wp-mpdf Cross-Site Scripting (XSS)
WPFront Notification Bar Cross-Site Scripting (XSS)
WPFunnels Cross-Site Scripting (XSS)
WPKoi Templates for Elementor Cross-Site Scripting (XSS) via Advanced Heading Widget
Xpro Elementor Addons Cross-Site Scripting (XSS)
YITH WooCommerce Product Add-Ons Cross-Site Scripting (XSS)
Yoo Slider Cross-Site Scripting (XSS)
Youzify Buddypress Moderation Unauthenticated Cross-Site Scripting (XSS)
WordPress Cross-Site Scripting (XSS) reported in 2023: 2928
WordPress Cross-Site Scripting (XSS) reported in 2024: 710
WHO needs tailored WP Maintenance? EVERYBODY!

Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Scripting Patch Management.

BUY NOW
Security is not a single-task job

Need tailored WP Security and got no clue where to start? Hire an expert. Pay a coffee per week or figure it out yourself.

ORDER NOW

Not sure that our recurrent security offer is worthy of long-term consideration? Contact us today for a Cross-Site Scripting audit! Decide after you compare RISK + IMPACT versus COST.

Related Posts

CROSS-SITE SCRIPTING, XSS
ALERT: 14 XSS JAN 2021 – Cross-Site Scripting JAN 2021 Blast

ALERT: 14 XSS JAN 2021 – Cross-Site Scripting JAN 2021 Blast WordPress Security Report Be informed about the latest Cross-Site Scripting, identified and reported publicly in January 2022. As these XSS JAN 2021 vulnerabilities have a severe negative impact on any WordPress Security, consider our FREE security AUDIT. An estimated…

17 Feb 2021
CROSS-SITE SCRIPTING, XSS
59 XSS AUG 2022 – Cross-Site Scripting AUG 2022
09 Aug 2022
CROSS-SITE SCRIPTING, XSS
ALERT: 64 XSS APR 2022 – Cross-Site Scripting APR 2022 Blast
04 Apr 2022
CROSS-SITE SCRIPTING, XSS
WP XSS JUN 2024: 288 Effortless WP Cross-Site Scripting
06 Jun 2024
CROSS-SITE SCRIPTING, XSS
WP XSS MAR 2024: 147 Effortless WP Cross-Site Scripting
06 Mar 2024
CROSS-SITE SCRIPTING, XSS
XSS JUL 2023: 153 Cross-Site Scripting JUL 2023
13 Jul 2023
CROSS-SITE SCRIPTING, XSS
ALERT: 28 XSS MAR 2021 – Cross-Site Scripting MAR 2021 Blast
16 Apr 2021
CROSS-SITE SCRIPTING, XSS
ALERT: 66 XSS MAR 2022 – Cross-Site Scripting MAR 2022 Blast
02 Mar 2022
CROSS-SITE SCRIPTING, XSS
XSS DEC 2023: 223 Cross-Site Scripting DEC 2023 Hack
07 Dec 2023
CROSS-SITE SCRIPTING, XSS
ALERT:150 XSS AUG 2021 – Cross-Site Scripting AUG 2021 Blast
10 Sep 2021
CROSS-SITE SCRIPTING, XSS
WP XSS MAY 2024: 344 Effortless WP Cross-Site Scripting
09 May 2024
CROSS-SITE SCRIPTING, XSS
WP XSS JAN 2024: 135 Effortless WP Cross-Site Scripting
11 Jan 2024
CROSS-SITE SCRIPTING, XSS
ALERT:228 XSS SEP 2021 – Cross-Site Scripting SEP 2021 Blast
02 Nov 2021
CROSS-SITE SCRIPTING, XSS
XSS JUN 2023: 163 Cross-Site Scripting JUN
12 Jun 2023
CROSS-SITE SCRIPTING, XSS
XSS MAR 2023: 137 Cross-Site Scripting MAR 2023
13 Mar 2023
owlpower.eu
owlpower.eu
owlpower.eu
16+ years of owlsome experience
We're on an empowering mission for website owners, who desire not to be transformed forcefully into IT experts.