Scroll Top

WP XSS AUG 2024: 283 Effortless WP Cross-Site Scripting

WP XSS AUG 2024 – WP CROSS-SITE SCRIPTING

WP XSS AUG 2024

WP Cross-Site Scripting

Tailored WP & Woo Security Report

Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS AUG 2024 is a -7% DECREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for tailored WP Security.

WHO needs tailored WP security? EVERYBODY!

Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Scripting Patch Management.

The following cases made headlines PUBLICLY just last month in the WP XSS AUG 2024 & WP Cross-Site Scripting category:

Admin Dashboard RSS Feed Cross-Site Scripting (XSS)
AdPush Cross-Site Scripting (XSS)
Advanced post slider Cross-Site Scripting (XSS)
Affiliate Manager Cross-Site Scripting (XSS)
Affiliate Manager Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF)
AllinOne Video Gallery Cross-Site Scripting (XSS) via Video Shortcode
Amazing Hover Effects Cross-Site Scripting (XSS)
AMP for WP Cross-Site Scripting (XSS) via SVG File Upload (BAC)
Animated AL List Cross-Site Scripting (XSS)
Animated Typed JS Shortcode Cross-Site Scripting (XSS)
Apollo13 Framework Extensions Cross-Site Scripting (XSS)
Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps Cross-Site Scripting (XSS)
ARForms Form Builder Cross-Site Scripting (XSS)
Arkhe Blocks Cross-Site Scripting (XSS)
ArtPlacer Widget Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
aThemes Starter Sites Cross-Site Scripting (XSS) via SVG File Upload (BAC)
Basil Theme Cross-Site Scripting (XSS)
bbPress Notify Cross-Site Scripting (XSS)
Beaver Builder Cross-Site Scripting (XSS)
Blog, Posts and Category Filter for Elementor Cross-Site Scripting (XSS) via Post and Category Filter Widget
Bold Page Builder Cross-Site Scripting (XSS) via bt_bb_button Shortcode
Booking Calendar Cross-Site Scripting (XSS) via bookingform Shortcode
Booking Ultra Pro Cross-Site Scripting (XSS)
Boot Store Theme Cross-Site Scripting (XSS) via Button Shortcode
Bradmax Player Cross-Site Scripting (XSS)
BSK PDF Manager Cross-Site Scripting (XSS)
Bug Library Cross-Site Scripting (XSS)
Calendar.online / Kalender.digital Cross-Site Scripting (XSS)
Caxton – Create Pro page layouts in Gutenberg Cross-Site Scripting (XSS)
CC & BCC for Woocommerce Order Emails Cross-Site Scripting (XSS)
Change From Email Cross-Site Scripting (XSS)
ChatBot Cross-Site Scripting (XSS)
CM PopUp banners Cross-Site Scripting (XSS)
CodePen Embedded Pens Shortcode Cross-Site Scripting (XSS)
codoc Cross-Site Scripting (XSS)
Comment Reply Email Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
ConeBlog – WordPress Blog Widgets Cross-Site Scripting (XSS)
Contact Form Summary and Print Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Contest Gallery Cross-Site Scripting (XSS)
CopySafe Web Protection Cross-Site Scripting (XSS)
CopySafe Web Protection Cross-Site Scripting (XSS)
Cost Calculator Builder Cross-Site Scripting (XSS)
counterpoint Theme Cross-Site Scripting (XSS)
CoziPress Theme Cross-Site Scripting (XSS)
Create by Mediavine Cross-Site Scripting (XSS)
Ditty Cross-Site Scripting (XSS)
DN Footer Contacts Cross-Site Scripting (XSS)
Donation Block For PayPal Unauthenticated Cross-Site Scripting (XSS)
Download Button for Elementor Cross-Site Scripting (XSS)
Download Manager Cross-Site Scripting (XSS) via Shortcode
Easy Custom Code (LESS/CSS/JS) – Live editing Cross-Site Scripting (XSS)
Easy Google Maps Cross-Site Scripting (XSS)
Easy Pixels Unauthenticated Cross-Site Scripting (XSS)
Easy Table of Contents Cross-Site Scripting (XSS)
Easy Testimonials Cross-Site Scripting (XSS) via Shortcode
EazyDocs Cross-Site Scripting (XSS)
EazyDocs Cross-Site Scripting (XSS)
ElementInvader Addons for Elementor Cross-Site Scripting (XSS)
Elementor Addons, Widgets and Enhancements – Stax Cross-Site Scripting (XSS)
Elementor – Header, Footer & Blocks Template DOMBased Cross-Site Scripting (XSS)
Element Pack Elementor Addons Cross-Site Scripting (XSS)
Email Encoder Bundle Cross-Site Scripting (XSS)
Embed Peertube Playlist Cross-Site Scripting (XSS)
Eventin Cross-Site Scripting (XSS)
EventON Cross-Site Scripting (XSS) via event subtitle
EventON Missing Authorization (BAC) to Unauthenticated Cross-Site Scripting (XSS) and Plugin Settings Updates (BAC)
Events Manager Cross-Site Scripting (XSS)
Extensions for Elementor Cross-Site Scripting (XSS) via url Parameter
Extensions for Elementor Cross-Site Scripting (XSS) via EE Events and EE Flipbox Widget
FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor Cross-Site Scripting (XSS)
Feeds for YouTube DOMBased Cross-Site Scripting (XSS)
Floating Social Media Links Cross-Site Scripting (XSS)
FluentForm Cross-Site Scripting (XSS)
FormFlow Cross-Site Scripting (XSS)
Formidable Forms Cross-Site Scripting (XSS)
Form Maker by 1Web Cross-Site Scripting (XSS)
FULL Customer Unauthenticated Cross-Site Scripting (XSS) via License Plan Parameter
Funnel Builder for WordPress by FunnelKit Cross-Site Scripting (XSS) via SVG Upload (BAC)
Fusion Cross-Site Scripting (XSS)
Genesis Blocks Cross-Site Scripting (XSS) via Sharing Block Attributes
Giveaways and Contests by RafflePress Cross-Site Scripting (XSS)
Goftino Cross-Site Scripting (XSS)
Goya Theme Unauthenticated Cross-Site Scripting (XSS) via Multiple Parameters
GPT3 AI Content Writer Cross-Site Scripting (XSS)
Gum Elementor Addon Cross-Site Scripting (XSS)
Gutenberg Cross-Site Scripting (XSS)
Gutenberg Blocks by Kadence Blocks DOMBased Cross-Site Scripting (XSS) via HTML Data Attributes
Gutenverse Cross-Site Scripting (XSS)
GutSlider – All in One Block Slider Cross-Site Scripting (XSS)
Happy Addons for Elementor Cross-Site Scripting (XSS) via Gradient Heading Widget
Happy Addons for Elementor Cross-Site Scripting (XSS) via PDF View Widget
HelloAsso Cross-Site Scripting (XSS)
Himalayas Theme Cross-Site Scripting (XSS)
Himer Theme Cross-Site Scripting (XSS)
Hostel Cross-Site Scripting (XSS)
HTML Forms Cross-Site Scripting (XSS)
IdeaPush Cross-Site Scripting (XSS)
IfSo Dynamic Content Personalization Cross-Site Scripting (XSS)
Image Hover Effects Caption Hover with Carousel Cross-Site Scripting (XSS)
Image Hover Effects – Elementor Addon Cross-Site Scripting (XSS) via eihe_link Parameter
Image Photo Gallery Final Tiles Grid Cross-Site Scripting (XSS)
Index WP MySQL For Speed Cross-Site Scripting (XSS)
Inline Related Posts Cross-Site Scripting (XSS)
Inline Related Posts Cross-Site Scripting (XSS)
Job Board Manager Cross-Site Scripting (XSS)
Leaflet Maps Marker Cross-Site Scripting (XSS)
Link Library Cross-Site Scripting (XSS)
Link To Bible Cross-Site Scripting (XSS)
LiteSpeed Cache Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Livemesh Addons for Beaver Builder Cross-Site Scripting (XSS)
Livemesh Addons for Elementor Multiple Cross-Site Scripting (XSS)
Login by Auth Cross-Site Scripting (XSS) via wle
Login Logo Editor Cross-Site Scripting (XSS)
Magical Addons For Elementor Cross-Site Scripting (XSS)
Magical Posts Display – Elementor & Gutenberg Posts Blocks Cross-Site Scripting (XSS)
MakeCommerce for WooCommerce Cross-Site Scripting (XSS)
Master Addons for Elementor Cross-Site Scripting (XSS)
Master Currency WP Cross-Site Scripting (XSS) via Currency Converter Form Shortcode
Master Popups Cross-Site Scripting (XSS)
MaxButtons Cross-Site Scripting (XSS)
MBE eShip Cross-Site Scripting (XSS)
Media Library Assistant Cross-Site Scripting (XSS)
Mega Elements Cross-Site Scripting (XSS)
Meks Easy Ads Widget Cross-Site Scripting (XSS)
Meks Smart Author Widget Cross-Site Scripting (XSS)
Moloni Cross-Site Scripting (XSS)
MP3 Audio Player for Music, Radio & Podcast by Sonaar Cross-Site Scripting (XSS) via sonaar_audioplayer Shortcode
Multisite Content Copier/Updater Cross-Site Scripting (XSS)
Newspack Ads Cross-Site Scripting (XSS)
Newspack Campaigns Cross-Site Scripting (XSS)
NEXForms – Ultimate Form Builder Cross-Site Scripting (XSS)
NextGEN Gallery Cross-Site Scripting (XSS)
NextGEN Gallery Cross-Site Scripting (XSS)
Ocean Extra Cross-Site Scripting (XSS)
oik Cross-Site Scripting (XSS) via bw_button Shortcode
One Click Order ReOrder Missing Authorization (BAC) to Cross-Site Scripting (XSS)
OnePress Theme Cross-Site Scripting (XSS)
OpenPGP Form Encryption Cross-Site Scripting (XSS)
Pagerank Tools Cross-Site Scripting (XSS)
Panda Video Cross-Site Scripting (XSS)
ParityPress Cross-Site Scripting (XSS)
PayPlus Payment Gateway Cross-Site Scripting (XSS)
Phlox Portfolio Cross-Site Scripting (XSS) via ' Grid Portfolios'
Plugin Notes Plus Cross-Site Scripting (XSS)
Plum: Spin Wheel & Email Popup Broken Access Control (BAC) to Unauthenticated Cross-Site Scripting (XSS)
Post Layouts for Gutenberg Cross-Site Scripting (XSS)
Post Meta Data Manager Cross-Site Scripting (XSS)
Power BI Embedded for WordPress Cross-Site Scripting (XSS)
PowerPress Podcasting Cross-Site Scripting (XSS) via media_url Parameter
Premium Addons for Elementor Cross-Site Scripting (XSS)
Premium Addons for Elementor Cross-Site Scripting (XSS) via Countdown Widget
Premium Addons for Elementor DOMBased Cross-Site Scripting (XSS) via Animated Text Widget
Premium Blocks – Gutenberg Blocks for WordPress Cross-Site Scripting (XSS)
Pretty Simple Popup Builder Cross-Site Scripting (XSS)
Product Enquiry for WooCommerce Cross-Site Scripting (XSS)
Qi Blocks Cross-Site Scripting (XSS)
Quiz And Survey Master Cross-Site Scripting (XSS)
Quiz And Survey Master Cross-Site Scripting (XSS)
Rank Math SEO Cross-Site Scripting (XSS)
ReCaptcha Integration for WordPress Cross-Site Scripting (XSS)
Redux Framework Unauthenticated JSON File Upload (BAC) to Cross-Site Scripting (XSS)
RegLevel Cross-Site Scripting (XSS)
Request a Quote Cross-Site Scripting (XSS)
Responsive Mobile Theme Cross-Site Scripting (XSS)
Responsive Tabs Cross-Site Scripting (XSS)
REVIEWS.io Cross-Site Scripting (XSS)
Rife Elementor Extensions & Templates Cross-Site Scripting (XSS) via Writing Effect Headline Widget
Robo Gallery Cross-Site Scripting (XSS) via Gallery Title
Royal Elementor Addons DOMBased Cross-Site Scripting (XSS) via Magazine Grid/Slider Widget
Save as PDF plugin by Pdfcrowd Cross-Site Scripting (XSS)
Schema & Structured Data for WP & AMP Cross-Site Scripting (XSS) via url Attribute
Secure Copy Content Protection and Content Locking Cross-Site Scripting (XSS)
Send email only on Reply to My Comment Cross-Site Scripting (XSS)
Send email only on Reply to My Comment Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF)
Seriously Simple Podcasting Cross-Site Scripting (XSS)
Shortcodes Ultimate Pro Cross-Site Scripting (XSS) Cross-Site Scripting (XSS)
Simple Alert Boxes Cross-Site Scripting (XSS) via Alert Shortcode
Simple AL Slider Cross-Site Scripting (XSS)
Simple Popup Cross-Site Scripting (XSS)
Simple Post Notes Cross-Site Scripting (XSS)
Simple Responsive Slider Cross-Site Scripting (XSS)
Simple Social Share Cross-Site Scripting (XSS)
Simple Video Directory Cross-Site Scripting (XSS)
Sina Extension for Elementor Cross-Site Scripting (XSS) via read_more_text Parameter
SiteOrigin Widgets Bundle Cross-Site Scripting (XSS) in Image Grid widget
sitetweet Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF)
SKT Addons for Elementor Cross-Site Scripting (XSS)
SKT Skill Bar Cross-Site Scripting (XSS)
Sky Addons for Elementor Cross-Site Scripting (XSS)
Slider by 1Web Cross-Site Scripting (XSS)
Slider by 1Web Cross-Site Scripting (XSS)
SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) Cross-Site Scripting (XSS)
Social Auto Poster Cross-Site Scripting (XSS)
Social Auto Poster Unauthenticated Cross-Site Scripting (XSS)
Social Media & Share Icons Cross-Site Scripting (XSS)
Social Media Widget Cross-Site Scripting (XSS)
SpiderContacts Cross-Site Scripting (XSS)
SportsPress – Sports Club & League Manager Cross-Site Scripting (XSS)
Squelch Tabs and Accordions Shortcodes Cross-Site Scripting (XSS) via tab Shortcode
Stock Ticker Cross-Site Scripting (XSS) via stock_ticker Shortcode
SULly Cross-Site Scripting (XSS)
SULly Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF)
SuperSaaS – online appointment scheduling Cross-Site Scripting (XSS)
Support SVG Cross-Site Scripting (XSS) via SVG Upload (BAC)
SVG Block Cross-Site Scripting (XSS) via SVG File Upload (BAC)
SVG Support Cross-Site Scripting (XSS) via SVG
Swift Framework Page Builder Cross-Site Scripting (XSS)
Swift Framework Page Builder Cross-Site Scripting (XSS) via Settings
Tabs For WPBakery Page Builder Cross-Site Scripting (XSS)
Team Members Cross-Site Scripting (XSS)
Template Kit – Export Cross-Site Scripting (XSS)
Testimonials Widget Cross-Site Scripting (XSS)
The Plus Addons for Elementor Page Builder Lite Cross-Site Scripting (XSS) via Countdown Widget
The Post Grid Cross-Site Scripting (XSS) via section title tag
Timeline Module for Beaver Builder Cross-Site Scripting (XSS)
TOCHAT.BE Unauthenticated Cross-Site Scripting (XSS)
Tournamatch Cross-Site Scripting (XSS)
Tournamatch Cross-Site Scripting (XSS) via Ladders
Tutor LMS Cross-Site Scripting (XSS)
Typebot Cross-Site Scripting (XSS)
Ultimate Addons for WPBakery Page Builder Cross-Site Scripting (XSS) via Shortcode
Ultimate Blocks – Gutenberg Blocks Plugin Cross-Site Scripting (XSS)
Ultimate Blocks – Gutenberg Blocks Plugin Cross-Site Scripting (XSS)
Ultimate Classified Listings Cross-Site Scripting (XSS)
UltraAddons Elementor Lite Cross-Site Scripting (XSS) via Multiple Widgets
UltraAddons Elementor Lite Cross-Site Scripting (XSS)
Uncanny Automator Pro Cross-Site Scripting (XSS)
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Cross-Site Scripting (XSS) via 'username'
URL Shortener by MyThemeShop Cross-Site Scripting (XSS)
User Feedback Unauthenticated Cross-Site Scripting (XSS) via Name Parameter
User Submitted Posts Cross-Site Scripting (XSS)
VForm Unauthenticated Cross-Site Scripting (XSS)
VK All in One Expansion Unit Cross-Site Scripting (XSS)
Void Contact Form Widget For Elementor Page Builder Cross-Site Scripting (XSS) via cf_redirect_page Attribute
WANotifier Cross-Site Scripting (XSS)
Watu Quiz Cross-Site Scripting (XSS)
Web Directory Free Cross-Site Scripting (XSS)
Webico Slider Flatsome Addons Cross-Site Scripting (XSS) via wbc_image Shortcode
Website Content in Page or Post Cross-Site Scripting (XSS)
Widget4Call Cross-Site Scripting (XSS)
Woffice Cross-Site Scripting (XSS)
Woffice Core Site Wide Cross-Site Scripting (XSS)
Woffice Theme Cross-Site Scripting (XSS)
WooCommerce Predictive Search Cross-Site Scripting (XSS)
WooCommerce Product Table Lite Missing Authorization (BAC) to Cross-Site Scripting (XSS)
WooCommerce Report Cross-Site Scripting (XSS)
WordPress Happy SCSS Compiler Compile SCSS to CSS automatically plugin Missing Authorization (BAC) to Cross-Site Scripting (XSS)
WordPress Notification Bar Cross-Site Scripting (XSS)
WP Ajax Contact Form Cross-Site Scripting (XSS)
WP Announcement Cross-Site Scripting (XSS)
WPBITS Addons For Elementor Page Builder Cross-Site Scripting (XSS)
WPBITS Addons For Elementor Page Builder Cross-Site Scripting (XSS) via Multiple Widgets
WP Cookie Law Info Cross-Site Scripting (XSS)
WP Directory Kit Cross-Site Scripting (XSS)
WP eMember Cross-Site Scripting (XSS)
WP eMember Cross-Site Scripting (XSS) in Blacklist via Cross-Site Request Forgery (CSRF)
WP eMember Cross-Site Scripting (XSS) via Member Edit
WP eMember Unauthenticated Cross-Site Scripting (XSS) via Member Registration
WP eStore Multiple Cross-Site Scripting (XSS)
WP Event Aggregator Cross-Site Scripting (XSS)
WP Event Manager Cross-Site Scripting (XSS) via 'events' Shortcode
WPFavicon Cross-Site Scripting (XSS)
WP GoToWebinar Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
WP GoToWebinar Cross-Site Scripting (XSS)
WP Lightbox 2 DOMBased Cross-Site Scripting (XSS)
WP Photo Album Plus Cross-Site Scripting (XSS)
WPQA Builder forms Addon Cross-Site Scripting (XSS)
WP QuickLaTeX Cross-Site Scripting (XSS) in Background Color field
WP QuickLaTeX Cross-Site Scripting (XSS)
WpStickyBar Cross-Site Scripting (XSS)
WP To Do Cross-Site Scripting (XSS)
WP Total Branding Cross-Site Scripting (XSS) via title Parameter
WP Travel Engine Cross-Site Scripting (XSS)
WP ULike Cross-Site Scripting (XSS)
WS Contact Form Cross-Site Scripting (XSS)
XPlainer WooCommerce Product FAQ Cross-Site Scripting (XSS)
XPlainer WooCommerce Product FAQ Missing Authorization (BAC) to Cross-Site Scripting (XSS)
YITH WooCommerce Ajax Product Filter Cross-Site Scripting (XSS)
zBench Theme Cross-Site Scripting (XSS)
Zenon Lite Theme Cross-Site Scripting (XSS) via Button Shortcode
Zephyr Project Manager Cross-Site Scripting (XSS)
Zoho Campaigns Cross-Site Scripting (XSS)
Zoho CRM Lead Magnet Cross-Site Scripting (XSS)
WordPress Cross-Site Scripting (XSS) reported in 2023: 2928
WordPress Cross-Site Scripting (XSS) reported in 2024: 1929
WHO needs tailored WP Maintenance? EVERYBODY!

Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Scripting Patch Management.

Security is not a single-task job

Need tailored WP Security and got no clue where to start? Hire an expert. Pay a coffee per week or figure it out yourself.

Not sure that our recurrent security offer is worthy of long-term consideration? Contact us today for a Cross-Site Scripting audit! Decide after you compare RISK + IMPACT versus COST.

Related Posts

owlpower.eu
owlpower.eu
owlpower.eu