Scroll Top

WP XSS AUG 2024: 283 Effortless WP Cross-Site Scripting

WP XSS AUG 2024 – WP CROSS-SITE SCRIPTING

WP XSS AUG 2024

WP Cross-Site Scripting

Managed WP & Woo Security Report

Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS AUG 2024 is a -7% DECREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin – OR – Hire us for your recurrent needs of managed WordPress Security and managed WooCommerce Security.

WHO needs managed WP security? EVERYBODY!

Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Scripting Patch Management.

The following cases made headlines PUBLICLY just last month in the WP XSS AUG 2024 & WP Cross-Site Scripting category:

Admin Dashboard RSS Feed Cross-Site Scripting (XSS)
AdPush Cross-Site Scripting (XSS)
Advanced post slider Cross-Site Scripting (XSS)
Affiliate Manager Cross-Site Scripting (XSS)
Affiliate Manager Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF)
AllinOne Video Gallery Cross-Site Scripting (XSS) via Video Shortcode
Amazing Hover Effects Cross-Site Scripting (XSS)
AMP for WP Cross-Site Scripting (XSS) via SVG File Upload (BAC)
Animated AL List Cross-Site Scripting (XSS)
Animated Typed JS Shortcode Cross-Site Scripting (XSS)
Apollo13 Framework Extensions Cross-Site Scripting (XSS)
Appmaker – Convert WooCommerce to Android & iOS Native Mobile Apps Cross-Site Scripting (XSS)
ARForms Form Builder Cross-Site Scripting (XSS)
Arkhe Blocks Cross-Site Scripting (XSS)
ArtPlacer Widget Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
aThemes Starter Sites Cross-Site Scripting (XSS) via SVG File Upload (BAC)
Basil Theme Cross-Site Scripting (XSS)
bbPress Notify Cross-Site Scripting (XSS)
Beaver Builder Cross-Site Scripting (XSS)
Blog, Posts and Category Filter for Elementor Cross-Site Scripting (XSS) via Post and Category Filter Widget
Bold Page Builder Cross-Site Scripting (XSS) via bt_bb_button Shortcode
Booking Calendar Cross-Site Scripting (XSS) via bookingform Shortcode
Booking Ultra Pro Cross-Site Scripting (XSS)
Boot Store Theme Cross-Site Scripting (XSS) via Button Shortcode
Bradmax Player Cross-Site Scripting (XSS)
BSK PDF Manager Cross-Site Scripting (XSS)
Bug Library Cross-Site Scripting (XSS)
Calendar.online / Kalender.digital Cross-Site Scripting (XSS)
Caxton – Create Pro page layouts in Gutenberg Cross-Site Scripting (XSS)
CC & BCC for Woocommerce Order Emails Cross-Site Scripting (XSS)
Change From Email Cross-Site Scripting (XSS)
ChatBot Cross-Site Scripting (XSS)
CM PopUp banners Cross-Site Scripting (XSS)
CodePen Embedded Pens Shortcode Cross-Site Scripting (XSS)
codoc Cross-Site Scripting (XSS)
Comment Reply Email Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
ConeBlog – WordPress Blog Widgets Cross-Site Scripting (XSS)
Contact Form Summary and Print Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Contest Gallery Cross-Site Scripting (XSS)
CopySafe Web Protection Cross-Site Scripting (XSS)
CopySafe Web Protection Cross-Site Scripting (XSS)
Cost Calculator Builder Cross-Site Scripting (XSS)
counterpoint Theme Cross-Site Scripting (XSS)
CoziPress Theme Cross-Site Scripting (XSS)
Create by Mediavine Cross-Site Scripting (XSS)
Ditty Cross-Site Scripting (XSS)
DN Footer Contacts Cross-Site Scripting (XSS)
Donation Block For PayPal Unauthenticated Cross-Site Scripting (XSS)
Download Button for Elementor Cross-Site Scripting (XSS)
Download Manager Cross-Site Scripting (XSS) via Shortcode
Easy Custom Code (LESS/CSS/JS) – Live editing Cross-Site Scripting (XSS)
Easy Google Maps Cross-Site Scripting (XSS)
Easy Pixels Unauthenticated Cross-Site Scripting (XSS)
Easy Table of Contents Cross-Site Scripting (XSS)
Easy Testimonials Cross-Site Scripting (XSS) via Shortcode
EazyDocs Cross-Site Scripting (XSS)
EazyDocs Cross-Site Scripting (XSS)
ElementInvader Addons for Elementor Cross-Site Scripting (XSS)
Elementor Addons, Widgets and Enhancements – Stax Cross-Site Scripting (XSS)
Elementor – Header, Footer & Blocks Template DOMBased Cross-Site Scripting (XSS)
Element Pack Elementor Addons Cross-Site Scripting (XSS)
Email Encoder Bundle Cross-Site Scripting (XSS)
Embed Peertube Playlist Cross-Site Scripting (XSS)
Eventin Cross-Site Scripting (XSS)
EventON Cross-Site Scripting (XSS) via event subtitle
EventON Missing Authorisation (BAC) to Unauthenticated Cross-Site Scripting (XSS) and Plugin Settings Updates (BAC)
Events Manager Cross-Site Scripting (XSS)
Extensions for Elementor Cross-Site Scripting (XSS) via url Parameter
Extensions for Elementor Cross-Site Scripting (XSS) via EE Events and EE Flipbox Widget
FancyPost – Best Ultimate Post Block, Post Grid, Layouts, Carousel, Slider For Gutenberg & Elementor Cross-Site Scripting (XSS)
Feeds for YouTube DOMBased Cross-Site Scripting (XSS)
Floating Social Media Links Cross-Site Scripting (XSS)
FluentForm Cross-Site Scripting (XSS)
FormFlow Cross-Site Scripting (XSS)
Formidable Forms Cross-Site Scripting (XSS)
Form Maker by 1Web Cross-Site Scripting (XSS)
FULL Customer Unauthenticated Cross-Site Scripting (XSS) via License Plan Parameter
Funnel Builder for WordPress by FunnelKit Cross-Site Scripting (XSS) via SVG Upload (BAC)
Fusion Cross-Site Scripting (XSS)
Genesis Blocks Cross-Site Scripting (XSS) via Sharing Block Attributes
Giveaways and Contests by RafflePress Cross-Site Scripting (XSS)
Goftino Cross-Site Scripting (XSS)
Goya Theme Unauthenticated Cross-Site Scripting (XSS) via Multiple Parameters
GPT3 AI Content Writer Cross-Site Scripting (XSS)
Gum Elementor Addon Cross-Site Scripting (XSS)
Gutenberg Cross-Site Scripting (XSS)
Gutenberg Blocks by Kadence Blocks DOMBased Cross-Site Scripting (XSS) via HTML Data Attributes
Gutenverse Cross-Site Scripting (XSS)
GutSlider – All in One Block Slider Cross-Site Scripting (XSS)
Happy Addons for Elementor Cross-Site Scripting (XSS) via Gradient Heading Widget
Happy Addons for Elementor Cross-Site Scripting (XSS) via PDF View Widget
HelloAsso Cross-Site Scripting (XSS)
Himalayas Theme Cross-Site Scripting (XSS)
Himer Theme Cross-Site Scripting (XSS)
Hostel Cross-Site Scripting (XSS)
HTML Forms Cross-Site Scripting (XSS)
IdeaPush Cross-Site Scripting (XSS)
IfSo Dynamic Content Personalization Cross-Site Scripting (XSS)
Image Hover Effects Caption Hover with Carousel Cross-Site Scripting (XSS)
Image Hover Effects – Elementor Addon Cross-Site Scripting (XSS) via eihe_link Parameter
Image Photo Gallery Final Tiles Grid Cross-Site Scripting (XSS)
Index WP MySQL For Speed Cross-Site Scripting (XSS)
Inline Related Posts Cross-Site Scripting (XSS)
Inline Related Posts Cross-Site Scripting (XSS)
Job Board Manager Cross-Site Scripting (XSS)
Leaflet Maps Marker Cross-Site Scripting (XSS)
Link Library Cross-Site Scripting (XSS)
Link To Bible Cross-Site Scripting (XSS)
LiteSpeed Cache Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Livemesh Addons for Beaver Builder Cross-Site Scripting (XSS)
Livemesh Addons for Elementor Multiple Cross-Site Scripting (XSS)
Login by Auth Cross-Site Scripting (XSS) via wle
Login Logo Editor Cross-Site Scripting (XSS)
Magical Addons For Elementor Cross-Site Scripting (XSS)
Magical Posts Display – Elementor & Gutenberg Posts Blocks Cross-Site Scripting (XSS)
MakeCommerce for WooCommerce Cross-Site Scripting (XSS)
Master Addons for Elementor Cross-Site Scripting (XSS)
Master Currency WP Cross-Site Scripting (XSS) via Currency Converter Form Shortcode
Master Popups Cross-Site Scripting (XSS)
MaxButtons Cross-Site Scripting (XSS)
MBE eShip Cross-Site Scripting (XSS)
Media Library Assistant Cross-Site Scripting (XSS)
Mega Elements Cross-Site Scripting (XSS)
Meks Easy Ads Widget Cross-Site Scripting (XSS)
Meks Smart Author Widget Cross-Site Scripting (XSS)
Moloni Cross-Site Scripting (XSS)
MP3 Audio Player for Music, Radio & Podcast by Sonaar Cross-Site Scripting (XSS) via sonaar_audioplayer Shortcode
Multisite Content Copier/Updater Cross-Site Scripting (XSS)
Newspack Ads Cross-Site Scripting (XSS)
Newspack Campaigns Cross-Site Scripting (XSS)
NEXForms – Ultimate Form Builder Cross-Site Scripting (XSS)
NextGEN Gallery Cross-Site Scripting (XSS)
NextGEN Gallery Cross-Site Scripting (XSS)
Ocean Extra Cross-Site Scripting (XSS)
oik Cross-Site Scripting (XSS) via bw_button Shortcode
One Click Order ReOrder Missing Authorisation (BAC) to Cross-Site Scripting (XSS)
OnePress Theme Cross-Site Scripting (XSS)
OpenPGP Form Encryption Cross-Site Scripting (XSS)
Pagerank Tools Cross-Site Scripting (XSS)
Panda Video Cross-Site Scripting (XSS)
ParityPress Cross-Site Scripting (XSS)
PayPlus Payment Gateway Cross-Site Scripting (XSS)
Phlox Portfolio Cross-Site Scripting (XSS) via ' Grid Portfolios'
Plugin Notes Plus Cross-Site Scripting (XSS)
Plum: Spin Wheel & Email Popup Broken Access Control (BAC) to Unauthenticated Cross-Site Scripting (XSS)
Post Layouts for Gutenberg Cross-Site Scripting (XSS)
Post Meta Data Manager Cross-Site Scripting (XSS)
Power BI Embedded for WordPress Cross-Site Scripting (XSS)
PowerPress Podcasting Cross-Site Scripting (XSS) via media_url Parameter
Premium Addons for Elementor Cross-Site Scripting (XSS)
Premium Addons for Elementor Cross-Site Scripting (XSS) via Countdown Widget
Premium Addons for Elementor DOMBased Cross-Site Scripting (XSS) via Animated Text Widget
Premium Blocks – Gutenberg Blocks for WordPress Cross-Site Scripting (XSS)
Pretty Simple Popup Builder Cross-Site Scripting (XSS)
Product Enquiry for WooCommerce Cross-Site Scripting (XSS)
Qi Blocks Cross-Site Scripting (XSS)
Quiz And Survey Master Cross-Site Scripting (XSS)
Quiz And Survey Master Cross-Site Scripting (XSS)
Rank Math SEO Cross-Site Scripting (XSS)
ReCaptcha Integration for WordPress Cross-Site Scripting (XSS)
Redux Framework Unauthenticated JSON File Upload (BAC) to Cross-Site Scripting (XSS)
RegLevel Cross-Site Scripting (XSS)
Request a Quote Cross-Site Scripting (XSS)
Responsive Mobile Theme Cross-Site Scripting (XSS)
Responsive Tabs Cross-Site Scripting (XSS)
REVIEWS.io Cross-Site Scripting (XSS)
Rife Elementor Extensions & Templates Cross-Site Scripting (XSS) via Writing Effect Headline Widget
Robo Gallery Cross-Site Scripting (XSS) via Gallery Title
Royal Elementor Addons DOMBased Cross-Site Scripting (XSS) via Magazine Grid/Slider Widget
Save as PDF plugin by Pdfcrowd Cross-Site Scripting (XSS)
Schema & Structured Data for WP & AMP Cross-Site Scripting (XSS) via url Attribute
Secure Copy Content Protection and Content Locking Cross-Site Scripting (XSS)
Send email only on Reply to My Comment Cross-Site Scripting (XSS)
Send email only on Reply to My Comment Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF)
Seriously Simple Podcasting Cross-Site Scripting (XSS)
Shortcodes Ultimate Pro Cross-Site Scripting (XSS) Cross-Site Scripting (XSS)
Simple Alert Boxes Cross-Site Scripting (XSS) via Alert Shortcode
Simple AL Slider Cross-Site Scripting (XSS)
Simple Popup Cross-Site Scripting (XSS)
Simple Post Notes Cross-Site Scripting (XSS)
Simple Responsive Slider Cross-Site Scripting (XSS)
Simple Social Share Cross-Site Scripting (XSS)
Simple Video Directory Cross-Site Scripting (XSS)
Sina Extension for Elementor Cross-Site Scripting (XSS) via read_more_text Parameter
SiteOrigin Widgets Bundle Cross-Site Scripting (XSS) in Image Grid widget
sitetweet Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF)
SKT Addons for Elementor Cross-Site Scripting (XSS)
SKT Skill Bar Cross-Site Scripting (XSS)
Sky Addons for Elementor Cross-Site Scripting (XSS)
Slider by 1Web Cross-Site Scripting (XSS)
Slider by 1Web Cross-Site Scripting (XSS)
SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) Cross-Site Scripting (XSS)
Social Auto Poster Cross-Site Scripting (XSS)
Social Auto Poster Unauthenticated Cross-Site Scripting (XSS)
Social Media & Share Icons Cross-Site Scripting (XSS)
Social Media Widget Cross-Site Scripting (XSS)
SpiderContacts Cross-Site Scripting (XSS)
SportsPress – Sports Club & League Manager Cross-Site Scripting (XSS)
Squelch Tabs and Accordions Shortcodes Cross-Site Scripting (XSS) via tab Shortcode
Stock Ticker Cross-Site Scripting (XSS) via stock_ticker Shortcode
SULly Cross-Site Scripting (XSS)
SULly Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF)
SuperSaaS – online appointment scheduling Cross-Site Scripting (XSS)
Support SVG Cross-Site Scripting (XSS) via SVG Upload (BAC)
SVG Block Cross-Site Scripting (XSS) via SVG File Upload (BAC)
SVG Support Cross-Site Scripting (XSS) via SVG
Swift Framework Page Builder Cross-Site Scripting (XSS)
Swift Framework Page Builder Cross-Site Scripting (XSS) via Settings
Tabs For WPBakery Page Builder Cross-Site Scripting (XSS)
Team Members Cross-Site Scripting (XSS)
Template Kit – Export Cross-Site Scripting (XSS)
Testimonials Widget Cross-Site Scripting (XSS)
The Plus Addons for Elementor Page Builder Lite Cross-Site Scripting (XSS) via Countdown Widget
The Post Grid Cross-Site Scripting (XSS) via section title tag
Timeline Module for Beaver Builder Cross-Site Scripting (XSS)
TOCHAT.BE Unauthenticated Cross-Site Scripting (XSS)
Tournamatch Cross-Site Scripting (XSS)
Tournamatch Cross-Site Scripting (XSS) via Ladders
Tutor LMS Cross-Site Scripting (XSS)
Typebot Cross-Site Scripting (XSS)
Ultimate Addons for WPBakery Page Builder Cross-Site Scripting (XSS) via Shortcode
Ultimate Blocks – Gutenberg Blocks Plugin Cross-Site Scripting (XSS)
Ultimate Blocks – Gutenberg Blocks Plugin Cross-Site Scripting (XSS)
Ultimate Classified Listings Cross-Site Scripting (XSS)
UltraAddons Elementor Lite Cross-Site Scripting (XSS) via Multiple Widgets
UltraAddons Elementor Lite Cross-Site Scripting (XSS)
Uncanny Automator Pro Cross-Site Scripting (XSS)
Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Cross-Site Scripting (XSS) via 'username'
URL Shortener by MyThemeShop Cross-Site Scripting (XSS)
User Feedback Unauthenticated Cross-Site Scripting (XSS) via Name Parameter
User Submitted Posts Cross-Site Scripting (XSS)
VForm Unauthenticated Cross-Site Scripting (XSS)
VK All in One Expansion Unit Cross-Site Scripting (XSS)
Void Contact Form Widget For Elementor Page Builder Cross-Site Scripting (XSS) via cf_redirect_page Attribute
WANotifier Cross-Site Scripting (XSS)
Watu Quiz Cross-Site Scripting (XSS)
Web Directory Free Cross-Site Scripting (XSS)
Webico Slider Flatsome Addons Cross-Site Scripting (XSS) via wbc_image Shortcode
Website Content in Page or Post Cross-Site Scripting (XSS)
Widget4Call Cross-Site Scripting (XSS)
Woffice Cross-Site Scripting (XSS)
Woffice Core Site Wide Cross-Site Scripting (XSS)
Woffice Theme Cross-Site Scripting (XSS)
WooCommerce Predictive Search Cross-Site Scripting (XSS)
WooCommerce Product Table Lite Missing Authorisation (BAC) to Cross-Site Scripting (XSS)
WooCommerce Report Cross-Site Scripting (XSS)
WordPress Happy SCSS Compiler Compile SCSS to CSS automatically plugin Missing Authorisation (BAC) to Cross-Site Scripting (XSS)
WordPress Notification Bar Cross-Site Scripting (XSS)
WP Ajax Contact Form Cross-Site Scripting (XSS)
WP Announcement Cross-Site Scripting (XSS)
WPBITS Addons For Elementor Page Builder Cross-Site Scripting (XSS)
WPBITS Addons For Elementor Page Builder Cross-Site Scripting (XSS) via Multiple Widgets
WP Cookie Law Info Cross-Site Scripting (XSS)
WP Directory Kit Cross-Site Scripting (XSS)
WP eMember Cross-Site Scripting (XSS)
WP eMember Cross-Site Scripting (XSS) in Blacklist via Cross-Site Request Forgery (CSRF)
WP eMember Cross-Site Scripting (XSS) via Member Edit
WP eMember Unauthenticated Cross-Site Scripting (XSS) via Member Registration
WP eStore Multiple Cross-Site Scripting (XSS)
WP Event Aggregator Cross-Site Scripting (XSS)
WP Event Manager Cross-Site Scripting (XSS) via 'events' Shortcode
WPFavicon Cross-Site Scripting (XSS)
WP GoToWebinar Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
WP GoToWebinar Cross-Site Scripting (XSS)
WP Lightbox 2 DOMBased Cross-Site Scripting (XSS)
WP Photo Album Plus Cross-Site Scripting (XSS)
WPQA Builder forms Addon Cross-Site Scripting (XSS)
WP QuickLaTeX Cross-Site Scripting (XSS) in Background Color field
WP QuickLaTeX Cross-Site Scripting (XSS)
WpStickyBar Cross-Site Scripting (XSS)
WP To Do Cross-Site Scripting (XSS)
WP Total Branding Cross-Site Scripting (XSS) via title Parameter
WP Travel Engine Cross-Site Scripting (XSS)
WP ULike Cross-Site Scripting (XSS)
WS Contact Form Cross-Site Scripting (XSS)
XPlainer WooCommerce Product FAQ Cross-Site Scripting (XSS)
XPlainer WooCommerce Product FAQ Missing Authorisation (BAC) to Cross-Site Scripting (XSS)
YITH WooCommerce Ajax Product Filter Cross-Site Scripting (XSS)
zBench Theme Cross-Site Scripting (XSS)
Zenon Lite Theme Cross-Site Scripting (XSS) via Button Shortcode
Zephyr Project Manager Cross-Site Scripting (XSS)
Zoho Campaigns Cross-Site Scripting (XSS)
Zoho CRM Lead Magnet Cross-Site Scripting (XSS)
WordPress Cross-Site Scripting (XSS) reported in 2023: 2928
WordPress Cross-Site Scripting (XSS) reported in 2024: 1929
WHO needs managed WP Maintenance? EVERYBODY!

Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Scripting Patch Management.

Security is not a single-task job

Need managed WP Security and got no clue where to start? Hire an expert. Pay a coffee per week, its cheaper than 1 hour for a freelancer.

Not sure that our recurrent security offer is worthy of long-term consideration? Contact us today for a Cross-Site Scripting audit! Decide after you compare RISK + IMPACT versus COST.

02 Apr: WP XSS APR 2025: 404(!) Effortless WP Cross-Site Scripting

We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…

04 Mar: WP XSS MAR 2025: 443 Effortless WP Cross-Site Scripting

We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…

04 Feb: WP XSS FEB 2025: 957(!) Effortless WP Cross-Site Scripting

We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…

07 Jan: WP XSS JAN 2025: 430 Effortless WP Cross-Site Scripting

We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…

We’re passionate about helping you grow and make your impact

Continue being informed



Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes.
Weekly inspiration, news and occasional with hand-picked deals. Unsubscribe anytime.

Related Posts

owlpower.eu
×