WP XSS FEB 2025
WP Cross-Site Scripting
Managed WP & Woo Security Report
Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS FEB 2025 is a +123% INCREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin – OR – Hire us for your recurrent needs of managed WordPress Security and managed WooCommerce Security.
WHO needs managed WP security? EVERYBODY!
Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Scripting Patch Management.
The following cases made headlines PUBLICLY just last month in the WP XSS FEB 2025 & WP Cross-Site Scripting category:
| 아임포트 결제버튼 생성 플러그인 | Cross-Site Scripting (XSS) |
| 3DVieweronline | Cross-Site Scripting (XSS) |
| 5centsCDN | Cross-Site Scripting (XSS) |
| A5 Custom Login Page | Cross-Site Scripting (XSS) |
| Able Player | Cross-Site Scripting (XSS) |
| Accessibility Task Manager | Cross-Site Scripting (XSS) |
| Accordion Slider Lite | Cross-Site Scripting (XSS) |
| Ad Blocking Detector | Cross-Site Scripting (XSS) |
| add custom google tag manager | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| AddFunc Mobile Detect | Cross-Site Scripting (XSS) |
| Add RSS | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Admin Cleanup | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Admin Menu Organizer | Cross-Site Scripting (XSS) |
| Advanced Dynamic Pricing for WooCommerce | Cross-Site Scripting (XSS) |
| Advanced Form Integration | Cross-Site Scripting (XSS) |
| Advanced Product Information for WooCommerce | Cross-Site Scripting (XSS) |
| Affiliate Disclosure Statement | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Affiliate Tools Việt Nam | Cross-Site Scripting (XSS) |
| a Gateway for Pasargad Bank on WooCommerce | Cross-Site Scripting (XSS) |
| AI Chatbot for WordPress – Hyve Lite | Cross-Site Scripting (XSS) |
| Ai Image Alt Text Generator for WP | Cross-Site Scripting (XSS) |
| Ajax Contact Form | Cross-Site Scripting (XSS) |
| Ajax WP Query Search Filter | Cross-Site Scripting (XSS) |
| Aklamator INfeed | Cross-Site Scripting (XSS) |
| Aklamator INfeed | Cross-Site Scripting (XSS) |
| Alex Reservations | Cross-Site Scripting (XSS) from Shortcode |
| All Bootstrap Blocks | Cross-Site Scripting (XSS) |
| All Embed – Elementor Addons | Cross-Site Scripting (XSS) |
| all-in-one-box-login | Cross-Site Scripting (XSS) |
| Alpha Price Table For Elementor | Cross-Site Scripting (XSS) |
| Altima Lookbook Free for WooCommerce | Cross-Site Scripting (XSS) |
| AlT Report | Cross-Site Scripting (XSS) |
| Amber | Cross-Site Scripting (XSS) |
| amr personalise | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Annie | Cross-Site Scripting (XSS) |
| Annie | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Anonymize Links | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Aports - Single Property WordPress Theme | Cross-Site Scripting (XSS) |
| App Embed | Cross-Site Scripting (XSS) |
| ApplicantPro | Cross-Site Scripting (XSS) |
| Apply with LinkedIn buttons | Cross-Site Scripting (XSS) |
| Apply with LinkedIn buttons | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Arcade Read (BAC)y | Cross-Site Scripting (XSS) |
| ARPrice | Cross-Site Scripting (XSS) |
| ARS Affiliate Page Plugin | Cross-Site Scripting (XSS) |
| Asgard Security Scanner | Cross-Site Scripting (XSS) |
| Ask Me Anything (Anonymously) | Cross-Site Scripting (XSS) |
| Atarim | Cross-Site Scripting (XSS) |
| Auction Nudge – Your eBay on Your Site | Cross-Site Scripting (XSS) |
| Auphonic Importer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Author Avatars List/Block | Cross-Site Scripting (XSS) |
| Autocompleter | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Auto FTP | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Auto iFrame | Cross-Site Scripting (XSS) from Shortcode |
| Automate Hub | Cross-Site Scripting (XSS) |
| Automatically Hierarchic Categories in Menu | Cross-Site Scripting (XSS) |
| Awesome Hooks | Cross-Site Scripting (XSS) |
| Awesome Timeline | Cross-Site Scripting (XSS) |
| AZ Content Finder | Cross-Site Scripting (XSS) |
| Backlink Monitoring Manager | Cross-Site Scripting (XSS) |
| Bauernregeln | Cross-Site Scripting (XSS) |
| Betheme Theme | Cross-Site Scripting (XSS) from Custom JS |
| Better User Shortcodes | Cross-Site Scripting (XSS) |
| Bible Embed | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Bilingual Linker | Cross-Site Scripting (XSS) |
| Biltorvet Dealer Tools | Cross-Site Scripting (XSS) |
| Binary MLM Woocommerce | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Bit.ly linker | Cross-Site Scripting (XSS) |
| Bizapp for WooCommerce | Cross-Site Scripting (XSS) |
| BizLibrary | Cross-Site Scripting (XSS) |
| Black Widgets For Elementor | Cross-Site Scripting (XSS) |
| Blogger Image Import | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Blog Summary | Cross-Site Scripting (XSS) |
| Blrt WP Embed | Cross-Site Scripting (XSS) |
| Blue Wrench Video Widget | Cross-Site Scripting (XSS) |
| blu Logistics | Cross-Site Scripting (XSS) |
| Blur Text | Cross-Site Scripting (XSS) |
| BMLT Meeting Map | Cross-Site Scripting (XSS) |
| Board Election | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Bold pagos en linea | Cross-Site Scripting (XSS) |
| Boliin - Resort & Hotel Booking WordPress Theme | Cross-Site Scripting (XSS) |
| Bonjour Bar | Cross-Site Scripting (XSS) |
| Bookalet | Cross-Site Scripting (XSS) |
| Book a Place | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Booking and Rental Manager | Cross-Site Scripting (XSS) |
| Booking Calendar | DOM Based Cross-Site Scripting (XSS) from 'booking' Shortcode |
| Booking calendar, Appointment Booking System | Cross-Site Scripting (XSS) from 'calendar_id' |
| Booking Calendar Contact Form | Cross-Site Scripting (XSS) |
| Booking Calendar Pro (WpDevArt) | Cross-Site Scripting (XSS) from 'calendar_id' |
| BookingPress | Cross-Site Scripting (XSS) |
| Boot-Modal | Cross-Site Scripting (XSS) |
| Bootstrap Blocks for WP Editor v2 | Cross-Site Scripting (XSS) |
| Borderless | Cross-Site Scripting (XSS) from SVG Upload (BAC) |
| BP Email Assign Templates | Cross-Site Scripting (XSS) |
| BP Profile Shortcodes Extra | Cross-Site Scripting (XSS) |
| Brizy Pro | Cross-Site Scripting (XSS) |
| Broadstreet | Cross-Site Scripting (XSS) from zone Parameter |
| brodos.net Onlineshop Plugin | Cross-Site Scripting (XSS) |
| Browser-Update-Notify | Cross-Site Scripting (XSS) |
| Bulk Categories Assign | Cross-Site Scripting (XSS) |
| Bulk Me Now! | Cross-Site Scripting (XSS) |
| Bulk Me Now! | Cross-Site Scripting (XSS) from Shortcode |
| BU Section Editing | Cross-Site Scripting (XSS) |
| Button Block | Cross-Site Scripting (XSS) |
| BVD Easy Gallery Manager | Cross-Site Scripting (XSS) |
| Caching Compatible Cookie Opt-In and JavaScript | Cross-Site Scripting (XSS) |
| Calendi | Cross-Site Scripting (XSS) |
| Call me Now | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Call and Action Popup | Cross-Site Scripting (XSS) |
| CAMOO SMS | Cross-Site Scripting (XSS) |
| Canalplan | Cross-Site Scripting (XSS) |
| Candifly | Cross-Site Scripting (XSS) |
| CanvasFlow | Cross-Site Scripting (XSS) |
| Captchelfie – Captcha by Selfie | Cross-Site Scripting (XSS) |
| Car Demon | Cross-Site Scripting (XSS) |
| CarZine Theme | Cross-Site Scripting (XSS) |
| Catalog Importer, Scraper & Crawler | Cross-Site Scripting (XSS) |
| Catch Duplicate Switcher | Cross-Site Scripting (XSS) |
| Category Custom Fields | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Category D3 Tree | Cross-Site Scripting (XSS) |
| Category Posts Widget | Cross-Site Scripting (XSS) |
| Causes – Donation Plugin | Cross-Site Scripting (XSS) |
| CBX Accounting & Bookkeeping | Cross-Site Scripting (XSS) |
| CC Canadian Mortgage Calculator | Cross-Site Scripting (XSS) |
| CC Circle Progress Bar | Cross-Site Scripting (XSS) |
| Cf7Save Extension | Cross-Site Scripting (XSS) |
| CF7 WOW Styler | Unauthenticated Shortcode Execution (BAC) and Cross-Site Scripting (XSS) |
| CGD Arrange Terms | Cross-Site Scripting (XSS) |
| Chamber Dashboard Business Directory | Cross-Site Scripting (XSS) |
| Charity-thermometer | Cross-Site Scripting (XSS) |
| ChatGPT Open AI Images & Content for WooCommerce | Cross-Site Scripting (XSS) |
| Chatroll Live Chat | Cross-Site Scripting (XSS) |
| Chat Support for Viber | Cross-Site Scripting (XSS) |
| Chatter | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Checkout for PayPal | Cross-Site Scripting (XSS) |
| Chess Tempo Viewer | Cross-Site Scripting (XSS) |
| CJ Custom Content | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages | Cross-Site Scripting (XSS) |
| Clinked Client Portal | Cross-Site Scripting (XSS) |
| Cliptakes | Cross-Site Scripting (XSS) |
| CloudFlare(R) Cache Purge | Cross-Site Scripting (XSS) |
| CLUEVO LMS, E-Learning Platform | Cross-Site Scripting (XSS) |
| CMC MIGRATE | Cross-Site Scripting (XSS) |
| CNZZ&51LA for WordPress | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Cobwebo URL Plugin | Cross-Site Scripting (XSS) |
| CodeBard Help Desk | Cross-Site Scripting (XSS) |
| CodeBard Help Desk | Cross-Site Scripting (XSS) |
| CoDesigner WooCommerce Builder for Elementor | Cross-Site Scripting (XSS) |
| Comment-Emailer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Common Ninja | Cross-Site Scripting (XSS) |
| Compare Ninja | Cross-Site Scripting (XSS) |
| ComparePress | Cross-Site Scripting (XSS) |
| Competition Form | Cross-Site Scripting (XSS) |
| Constix - Construction Factory & Industrial WordPress Theme | Cross-Site Scripting (XSS) |
| Contact Form 7 – CCAvenue Add-on | Cross-Site Scripting (XSS) |
| Contact Form 7 Round Robin Lead Distribution | Cross-Site Scripting (XSS) |
| Contact Form Email | Cross-Site Scripting (XSS) |
| Contact Form Master – by Edmon | Cross-Site Scripting (XSS) |
| Content Blocks Builder | Cross-Site Scripting (XSS) |
| Content Mirror | Cross-Site Scripting (XSS) |
| ContentOptin Lite | Cross-Site Scripting (XSS) |
| Content Planner | Cross-Site Scripting (XSS) |
| Content Security Policy Pro | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Contexto | Cross-Site Scripting (XSS) |
| Conult - Consulting Business WordPress Themes | Cross-Site Scripting (XSS) |
| Conversational Forms for ChatBot | Cross-Site Scripting (XSS) |
| Cookie Consent & Autoblock for GDPR/CCPA | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Coupon | Cross-Site Scripting (XSS) |
| Create with Code | Cross-Site Scripting (XSS) |
| CRUDLab Like Box | Cross-Site Scripting (XSS) |
| CtyGrid Hyp3rL0cal Search | Cross-Site Scripting (XSS) |
| CubePM | Cross-Site Scripting (XSS) |
| Curated Search | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Custom Coming Soon | Cross-Site Scripting (XSS) |
| Custom CSS Addons | Cross-Site Scripting (XSS) |
| Custom DataBase Tables | Cross-Site Scripting (XSS) |
| Custom Field For WP Job Manager | Cross-Site Scripting (XSS) |
| Customizable Captcha and Contact Us | Cross-Site Scripting (XSS) |
| Custom List Table Example | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Custom Page Extensions | Cross-Site Scripting (XSS) |
| Custom Post | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Custom Widget Classes | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Custom WP Store Locator | Cross-Site Scripting (XSS) |
| Cyber Slider | Cross-Site Scripting (XSS) |
| Daily Proverb | Cross-Site Scripting (XSS) |
| DearFlip | Cross-Site Scripting (XSS) |
| Debt Calculator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Deliver from Shipos for WooCommerce | Cross-Site Scripting (XSS) from dvsfw_bulk_label_url Parameter |
| Demo User DZS | Cross-Site Scripting (XSS) |
| Dental Optimizer Patient Generator App | Cross-Site Scripting (XSS) |
| Designer | Cross-Site Scripting (XSS) |
| Dezdy | Cross-Site Scripting (XSS) |
| DF Draggable | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| dForms | Cross-Site Scripting (XSS) |
| Digi Store Theme | Cross-Site Scripting (XSS) |
| DirectoryPress | Cross-Site Scripting (XSS) |
| Distance Based Shipping Calculator | Cross-Site Scripting (XSS) |
| Divi Carousel Lite | Cross-Site Scripting (XSS) from Image Carousel and Logo Carousel Widgets |
| DiviTorque – Divi Theme, Divi Builder and Extra Theme | Cross-Site Scripting (XSS) from Multiple Widgets |
| DN Sitemap Control | Cross-Site Scripting (XSS) |
| Dominion – Domain Checker for WPBakery | Cross-Site Scripting (XSS) |
| Donate visa | Cross-Site Scripting (XSS) |
| Donation Block For PayPal | Cross-Site Scripting (XSS) |
| Download, Downloads | Cross-Site Scripting (XSS) |
| Download IP2Location Country Blocker | Cross-Site Scripting (XSS) |
| DsgnWrks Twitter Importer | Cross-Site Scripting (XSS) |
| DX Sales CRM | Cross-Site Scripting (XSS) |
| Dyn Business Panel | Cross-Site Scripting (XSS) |
| Dyn Business Panel | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| DZS Ajaxer Lite | Cross-Site Scripting (XSS) |
| Easy Automatic Newsletter Lite | Cross-Site Scripting (XSS) |
| Easy Digital Downloads | Cross-Site Scripting (XSS) from Title |
| Easy EU Cookie law | Cross-Site Scripting (XSS) |
| Easy FAQs | Cross-Site Scripting (XSS) |
| Easy Filtering | Cross-Site Scripting (XSS) |
| Easy Form Builder | Missing Authorization (BAC) and Cross-Site Scripting (XSS) |
| Easy Portfolio | Cross-Site Scripting (XSS) |
| Easy Shortcode Buttons | Cross-Site Scripting (XSS) |
| Easy Tweet Embed | Cross-Site Scripting (XSS) |
| Easy Tynt | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Easy YouTube Gallery | Cross-Site Scripting (XSS) |
| ECT Add and Cart Button | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ECT Home Page Products | Cross-Site Scripting (XSS) |
| EditionGuard for WooCommerce – eBook Sales with DRM | Cross-Site Scripting (XSS) |
| Education LMS Theme | Cross-Site Scripting (XSS) |
| EELV Newsletter | Cross-Site Scripting (XSS) |
| ElementInvader Addons for Elementor | Cross-Site Scripting (XSS) |
| ElementInvader Addons for Elementor | Cross-Site Scripting (XSS) |
| Elementor AI Addons | Cross-Site Scripting (XSS) |
| Element Pack Elementor Addons | Cross-Site Scripting (XSS) |
| ElementsCSS Addons for Elementor | Cross-Site Scripting (XSS) |
| ElementsKit Pro | DOM Based Cross-Site Scripting (XSS) from url Parameter |
| Elevio | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Email on Publish | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| EmailPress | Cross-Site Scripting (XSS) |
| Email Reminders | Cross-Site Scripting (XSS) |
| EmailShroud | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Email Subscribers & Newsletters | Cross-Site Scripting (XSS) |
| Email Templates Customizer for WordPress – Drag And Drop Email Templates Builder – YeeMail | Cross-Site Scripting (XSS) |
| eMarksheet | Cross-Site Scripting (XSS) |
| Embed Swagger UI | Cross-Site Scripting (XSS) |
| EMC2 Alert Boxes | Cross-Site Scripting (XSS) |
| Enable Accessibility | Cross-Site Scripting (XSS) |
| Enhanced YouTube Shortcode | Cross-Site Scripting (XSS) |
| EO4WP | Cross-Site Scripting (XSS) |
| ePermissions | Cross-Site Scripting (XSS) |
| Error Notification | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Essay Wizard (wpCRES) | Cross-Site Scripting (XSS) |
| Essential Blocks for Gutenberg | Cross-Site Scripting (XSS) |
| Estatebud – Properties & Listings | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| EthereumICO | Cross-Site Scripting (XSS) from ethereum ico Shortcode |
| Etsy Importer | Cross-Site Scripting (XSS) |
| EU DSGVO Helper | Cross-Site Scripting (XSS) |
| Event Countdown Timer Plugin by TechMix | Cross-Site Scripting (XSS) |
| Event post | Cross-Site Scripting (XSS) |
| Event Registration Calendar By vcita | Cross-Site Scripting (XSS) |
| Explara Membership | Cross-Site Scripting (XSS) |
| Explore pages | Cross-Site Scripting (XSS) |
| Extra Options – Favicons | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| EZPlayer | Cross-Site Scripting (XSS) |
| F4 Post Tree | Cross-Site Scripting (XSS) |
| Fantastic Elasticsearch | Cross-Site Scripting (XSS) |
| FAQ Builder AYS | Cross-Site Scripting (XSS) |
| Fare Calculator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Fast Tube | Cross-Site Scripting (XSS) |
| FAT Event Lite | Cross-Site Scripting (XSS) |
| Featured Page Widget | Cross-Site Scripting (XSS) |
| Feedburner Optin Form | Cross-Site Scripting (XSS) |
| Files Download (BAC) Delay | Cross-Site Scripting (XSS) |
| Financial Stocks & Crypto Market Data Plugin | Cross-Site Scripting (XSS) |
| Find Your Reps | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Fioxen | Cross-Site Scripting (XSS) |
| FireCask Like & Share Button | Cross-Site Scripting (XSS) from width Parameter |
| FlashCounter | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Flash & HTML5 Video | DOM Based Cross-Site Scripting (XSS) from heading Parameter |
| Flashy Theme | Cross-Site Scripting (XSS) |
| Flexible Blogtitle | Cross-Site Scripting (XSS) |
| Flexible PDF Coupons | Cross-Site Scripting (XSS) |
| Flexible Wishlist for WooCommerce | Unauthenticated Cross-Site Scripting (XSS) from wishlist_name Parameter |
| Flexmls® IDX | Cross-Site Scripting (XSS) from API parameters |
| Floatbox Plus | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| FLX Dashboard Groups | Cross-Site Scripting (XSS) |
| Flying Twitter Birds | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| FontAwesome.io ShortCodes | Cross-Site Scripting (XSS) |
| Food Store – Online Food Delivery & Pickup | Cross-Site Scripting (XSS) |
| FooGallery Captions | Cross-Site Scripting (XSS) |
| Formaloo Form Maker | Cross-Site Scripting (XSS) from address Parameter |
| Formatted post | Cross-Site Scripting (XSS) |
| Forminator | Cross-Site Scripting (XSS) from Title Parameter |
| Form and JSON | Cross-Site Scripting (XSS) |
| Foundation Columns | Cross-Site Scripting (XSS) |
| FP RSS Category Excluder | Cross-Site Scripting (XSS) |
| Free Google Maps | Cross-Site Scripting (XSS) |
| Free MailClient FMC | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Free WooCommerce Theme 99fy Extension | Cross-Site Scripting (XSS) |
| Frictionless | Cross-Site Scripting (XSS) |
| Full Circle | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Fusion Builder | Cross-Site Scripting (XSS) in Multiple Widgets |
| FWD Slider | Cross-Site Scripting (XSS) |
| Gallerio | Cross-Site Scripting (XSS) |
| Gallery and Lightbox | Cross-Site Scripting (XSS) |
| Gallery: Hybrid – Advanced Visual Gallery | Cross-Site Scripting (XSS) |
| GatorMail SmartForms | Cross-Site Scripting (XSS) |
| GDPR Personal Data Reports | Cross-Site Scripting (XSS) |
| GDReseller | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| GDY Modular Content | Cross-Site Scripting (XSS) |
| Genesis Style Shortcodes | Cross-Site Scripting (XSS) |
| Genki Announcement | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Geo Content | Cross-Site Scripting (XSS) |
| GeoDigs | Cross-Site Scripting (XSS) |
| Geotagged Media | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ghostwriter Theme | Cross-Site Scripting (XSS) |
| Gigaom Sphinx | Cross-Site Scripting (XSS) |
| Giveaways and Contests by PromoSimple | Cross-Site Scripting (XSS) |
| Glofox Shortcodes | Cross-Site Scripting (XSS) |
| GMAPS for WPBakery Page Builder Free | Cross-Site Scripting (XSS) |
| GMap Shortcode | Cross-Site Scripting (XSS) |
| Goodlayers Blocks | Cross-Site Scripting (XSS) |
| Goodlayers Core | Cross-Site Scripting (XSS) from SVG Upload (BAC) |
| Good Old Gallery | Cross-Site Scripting (XSS) |
| Google Map on Post/Page | Cross-Site Scripting (XSS) |
| GoogleMapper | Cross-Site Scripting (XSS) |
| Google Map With Fancybox | Cross-Site Scripting (XSS) |
| Google Org Chart | Cross-Site Scripting (XSS) |
| Google Transliteration | Cross-Site Scripting (XSS) |
| Goo.gl Url Shorter | Cross-Site Scripting (XSS) |
| go Social | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Gowilds - Travel & Tour Booking WordPress Theme | Cross-Site Scripting (XSS) |
| GravatarLocalCache | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Gravity Forms | Unauthenticated Cross-Site Scripting (XSS) from 'alt' parameter |
| Greek Namedays Widget From Eortologio.Net | Cross-Site Scripting (XSS) |
| Greenshift – animation and page builder blocks | Missing Authorization (BAC) and Server-Side Request Forgery (SSRF) and Cross-Site Scripting (XSS) |
| Grid Accordion Lite | Cross-Site Scripting (XSS) |
| Groundhogg | Cross-Site Scripting (XSS) |
| Group category creator | Cross-Site Scripting (XSS) |
| GSheetConnector for Forminator Forms | Cross-Site Scripting (XSS) |
| Gutenberg Blocks by Kadence Blocks | Cross-Site Scripting (XSS) from Button Link |
| Guten Free Options | Cross-Site Scripting (XSS) |
| Gutentor | Cross-Site Scripting (XSS) |
| G Web Pro Store Locator | Cross-Site Scripting (XSS) |
| Hack me if you can | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Halpes Theme | Cross-Site Scripting (XSS) |
| Happy Addons for Elementor | Cross-Site Scripting (XSS) |
| Hash Elements | Cross-Site Scripting (XSS) |
| Heartland Management Terminal | Cross-Site Scripting (XSS) |
| HelloAsso | Cross-Site Scripting (XSS) |
| Hero Mega Menu - Responsive WordPress Menu Plugin | Cross-Site Scripting (XSS) |
| Hide Login+ | Cross-Site Scripting (XSS) |
| Highlight | Cross-Site Scripting (XSS) |
| HireHive Job Plugin | Cross-Site Scripting (XSS) |
| History timeline | Cross-Site Scripting (XSS) |
| HM Portfolio | Cross-Site Scripting (XSS) |
| Horizontal Line Shortcode | Cross-Site Scripting (XSS) |
| Horoscope And Tarot | Cross-Site Scripting (XSS) |
| Hotspots Analytics | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| HT Conctact Form 7 | Cross-Site Scripting (XSS) |
| HTML5 chat | Cross-Site Scripting (XSS) |
| HTTP and HTTPS link Change (BAC) r by Eyga.net | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Huurkalender WP | Cross-Site Scripting (XSS) |
| HyperComments | Cross-Site Scripting (XSS) |
| Icegram | Cross-Site Scripting (XSS) |
| Icegram | Cross-Site Scripting (XSS) |
| Icons Enricher | Cross-Site Scripting (XSS) |
| ICS Button | Cross-Site Scripting (XSS) |
| iframe and embed | Cross-Site Scripting (XSS) |
| Image Gallery – Responsive Photo Gallery | Cross-Site Scripting (XSS) |
| Image Hover Effects for Elementor | Cross-Site Scripting (XSS) |
| imaGenius | Cross-Site Scripting (XSS) |
| Image Source Control | Cross-Site Scripting (XSS) |
| Image Source Control | Cross-Site Scripting (XSS) |
| Image Switcher | Cross-Site Scripting (XSS) |
| Image Switcher | Cross-Site Scripting (XSS) |
| Import Excel and Gravity Forms | Cross-Site Scripting (XSS) |
| Import Users and MailChimp | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Incredible Font Awesome | Cross-Site Scripting (XSS) |
| Infility Global | Cross-Site Scripting (XSS) |
| InFunding | Cross-Site Scripting (XSS) |
| Inline Tweets | Cross-Site Scripting (XSS) |
| Instabot | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Instant Appointment | Cross-Site Scripting (XSS) |
| Internal Link Builder | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Issuu Panel | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| JB Horizontal Scroller News Ticker | Cross-Site Scripting (XSS) |
| JetElements For Elementor | Cross-Site Scripting (XSS) from Multiple Widgets |
| JetEngine | Cross-Site Scripting (XSS) from list_tag Parameter |
| Jet Skinner for BuddyPress | Cross-Site Scripting (XSS) |
| JK Html and Pdf | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| JoomSport | Cross-Site Scripting (XSS) from page |
| jQuery TwentyTwenty | Cross-Site Scripting (XSS) |
| JSM Screenshot Machine Shortcode | Cross-Site Scripting (XSS) |
| Js O3 Lite Theme | Cross-Site Scripting (XSS) |
| Justified Image Gallery | Cross-Site Scripting (XSS) |
| Kapost | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| KBucket | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Ketchup Shortcodes | Cross-Site Scripting (XSS) |
| Kikx Simple Post Author Filter | Cross-Site Scripting (XSS) |
| KNR Author List Widget | Cross-Site Scripting (XSS) |
| Kopa Nictitate Toolkit | Cross-Site Scripting (XSS) |
| Kubio AI Page Builder | Cross-Site Scripting (XSS) |
| Kumihimo | Cross-Site Scripting (XSS) |
| Laika Pedigree Tree | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| LawPress – Law Firm Website Management | Cross-Site Scripting (XSS) |
| ldap_login_password_and_role_manager | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| LearnPress | Cross-Site Scripting (XSS) from Lesson Name |
| Legacy ePlayer | Cross-Site Scripting (XSS) |
| Legal + | Cross-Site Scripting (XSS) |
| Len Slider | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Lestin - Directory Listing WordPress Theme | Cross-Site Scripting (XSS) |
| LH Email | Cross-Site Scripting (XSS) |
| LH Login Page | Cross-Site Scripting (XSS) |
| Lijit Search | Cross-Site Scripting (XSS) |
| Lime Developer Login | Cross-Site Scripting (XSS) |
| Link Fixer | Unauthenticated Cross-Site Scripting (XSS) |
| Link Library | Cross-Site Scripting (XSS) |
| Links/Problem Reporter | Cross-Site Scripting (XSS) |
| Links/Problem Reporter | Cross-Site Scripting (XSS) |
| Listamester | Cross-Site Scripting (XSS) |
| List category posts | Cross-Site Scripting (XSS) |
| List Pages at Depth | Cross-Site Scripting (XSS) |
| Live Flight Radar | Cross-Site Scripting (XSS) |
| LJ Custom Menu Links | Cross-Site Scripting (XSS) |
| LocalGrid | Cross-Site Scripting (XSS) |
| Local Shipping Labels for WooCommerce | Cross-Site Scripting (XSS) |
| Lockets | Cross-Site Scripting (XSS) |
| Login Watchdog | Cross-Site Scripting (XSS) |
| LSD Google Maps Embedder | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| LucidLMS | Cross-Site Scripting (XSS) |
| MachForm Shortcode | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| MACME | Cross-Site Scripting (XSS) |
| Magic Google Maps | Cross-Site Scripting (XSS) |
| Magic the Gathering Card Tooltips | Cross-Site Scripting (XSS) |
| MailChimp Subscribe Forms | Cross-Site Scripting (XSS) |
| Mailing Group Listserv | Cross-Site Scripting (XSS) |
| MailUp Auto Subscription | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Mancx AskMe Widget | Cross-Site Scripting (XSS) |
| Mang Board WP | Cross-Site Scripting (XSS) |
| Maniac SEO | Cross-Site Scripting (XSS) |
| Mapbox for WP Advanced | Cross-Site Scripting (XSS) |
| MarketKing | Cross-Site Scripting (XSS) |
| Marketplace Items | Cross-Site Scripting (XSS) from Shortcode |
| Marmoset Viewer | Cross-Site Scripting (XSS) |
| Marquee Style RSS News Ticker | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| MAS Elementor | Cross-Site Scripting (XSS) from SVG |
| Mass Custom Fields Manager | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Mass Messaging in BuddyPress | Cross-Site Scripting (XSS) |
| Master Addons for Elementor | Cross-Site Scripting (XSS) from Tooltip Module |
| Masy Gallery | Cross-Site Scripting (XSS) |
| mcjh button shortcode | Cross-Site Scripting (XSS) |
| MD Custom content after or before of post | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| MDC YouTube Download (BAC)er | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| MDJM Event Management | Cross-Site Scripting (XSS) |
| Media Category Library | Cross-Site Scripting (XSS) |
| Media Download (BAC)er | Cross-Site Scripting (XSS) |
| Media Library Assistant | Cross-Site Scripting (XSS) |
| MeinTurnierplan.de Widget Viewer | Cross-Site Scripting (XSS) |
| MemeOne | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| MercadoLibre Integration | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Metadata SEO | Cross-Site Scripting (XSS) |
| Metaphor Widgets | Cross-Site Scripting (XSS) |
| Meteor Slides | Cross-Site Scripting (XSS) |
| MFPlugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| MG Parallax Slider | Cross-Site Scripting (XSS) |
| MicroPayments | Cross-Site Scripting (XSS) |
| Mind3doM RyeBread Widgets | Cross-Site Scripting (XSS) |
| Mind Doodle Visual Sitemaps & Tasks | Cross-Site Scripting (XSS) |
| Mindmeister Shortcode | Cross-Site Scripting (XSS) |
| MJ Contact us | Cross-Site Scripting (XSS) |
| MLL Audio Player MP3 Ajax | Cross-Site Scripting (XSS) |
| Mobigate | Cross-Site Scripting (XSS) |
| Modins - Insurance & Finance WordPress Theme | Cross-Site Scripting (XSS) |
| More Link Modifier | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| moseter Theme | Cross-Site Scripting (XSS) |
| MT Addons for Elementor | Cross-Site Scripting (XSS) |
| Multifox Theme | Cross-Site Scripting (XSS) |
| Multilang Contact Form | Cross-Site Scripting (XSS) |
| Music Sheet Viewer | Cross-Site Scripting (XSS) |
| Muslim Prayer Time-Salah/Iqamah | Cross-Site Scripting (XSS) |
| My auctions allegro | Cross-Site Scripting (XSS) |
| mybb Last Topics | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| MyBookProgress by Stormhill Media | Cross-Site Scripting (XSS) from book Parameter |
| my depressive Theme | Cross-Site Scripting (XSS) |
| my engine Theme | Cross-Site Scripting (XSS) |
| My Favorite Car | Cross-Site Scripting (XSS) |
| my money Theme | Cross-Site Scripting (XSS) |
| my-related-posts | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| my white Theme | Cross-Site Scripting (XSS) |
| my zebra Theme | Cross-Site Scripting (XSS) |
| Nativery | Cross-Site Scripting (XSS) |
| Nature FlipBook | Cross-Site Scripting (XSS) |
| NAVER Analytics | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Navigation Du Lapin Blanc | Cross-Site Scripting (XSS) |
| Nested Pages | Cross-Site Scripting (XSS) |
| Network-Favorites | Cross-Site Scripting (XSS) |
| News Publisher Autopilot | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| News Ticker Widget for Elementor | Cross-Site Scripting (XSS) |
| Ninja Forms | Cross-Site Scripting (XSS) from Shortcode |
| Ninja Tables | Cross-Site Scripting (XSS) |
| Nite Shortcodes | Cross-Site Scripting (XSS) |
| Norse Rune Oracle Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| NOTICE BOARD BY TOWKIR | Cross-Site Scripting (XSS) |
| Notifikácie.sk | Cross-Site Scripting (XSS) |
| Notify Odoo | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ntp-header-images | Cross-Site Scripting (XSS) |
| NV Slider | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| offset writing Theme | Cross-Site Scripting (XSS) |
| One Backend Language | Cross-Site Scripting (XSS) |
| Online Payments – Get Paid with PayPal, Square & Stripe | Cross-Site Scripting (XSS) |
| Opencart Product in WP | Cross-Site Scripting (XSS) |
| Opentracker Analytics | Cross-Site Scripting (XSS) |
| OPSI Israel Domestic Shipments | Cross-Site Scripting (XSS) |
| OrangeBox | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Orbisius Simple Notice | Cross-Site Scripting (XSS) |
| Orbit Fox by ThemeIsle | Cross-Site Scripting (XSS) from Pricing Table Widget |
| Orbit Fox by ThemeIsle | Cross-Site Scripting (XSS) from title_tag Parameter |
| Order Audit Log for WooCommerce | Cross-Site Scripting (XSS) |
| OrderConvo | Limited File Upload (BAC) and Cross-Site Scripting (XSS) |
| Orgarium - Agriculture & Organic Farm WordPress Theme | Cross-Site Scripting (XSS) |
| OZ Canonical | Cross-Site Scripting (XSS) |
| PAFacile | Cross-Site Scripting (XSS) |
| Page Builder by SiteOrigin | Cross-Site Scripting (XSS) from Row Label Parameter |
| Page Health-O-Meter | Cross-Site Scripting (XSS) |
| PageLayer | Cross-Site Scripting (XSS) |
| Paroti | Cross-Site Scripting (XSS) |
| Partners | Cross-Site Scripting (XSS) |
| Passwordless WP – Login with your glance or fingerprint | Cross-Site Scripting (XSS) |
| Password Protect Plugin for WordPress | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Pastebin | Cross-Site Scripting (XSS) |
| PayForm | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| PayGreen Payment Gateway | Cross-Site Scripting (XSS) |
| Payment Button for PayPal | Cross-Site Scripting (XSS) |
| Paytm Payment Donation | Cross-Site Scripting (XSS) |
| PDF Catalog Woocommerce | Cross-Site Scripting (XSS) |
| PDF for WPForms | Cross-Site Scripting (XSS) from yeepdf_dotab Shortcode |
| PDF Invoices for WooCommerce + Drag and Drop Template Builder | Cross-Site Scripting (XSS) |
| PDF.js Shortcode | Cross-Site Scripting (XSS) |
| Perfect Portal Widgets | Cross-Site Scripting (XSS) |
| Philantro | Cross-Site Scripting (XSS) from donate Shortcode |
| Photo Gallery – Image Gallery by Ape | Cross-Site Scripting (XSS) |
| Picture Gallery | Cross-Site Scripting (XSS) |
| Picture Gallery | Cross-Site Scripting (XSS) |
| Pin Locations on Map | Cross-Site Scripting (XSS) |
| Piotnet Addons For Elementor | Cross-Site Scripting (XSS) |
| Pisole - Digital Creative Agency WordPress Theme | Cross-Site Scripting (XSS) |
| PIXNET | Cross-Site Scripting (XSS) |
| Plestar Directory Listing | Cross-Site Scripting (XSS) |
| Plethora Plugins Tabs + Accordions | Cross-Site Scripting (XSS) |
| Plethora Plugins Tabs + Accordions | Cross-Site Scripting (XSS) from anchor |
| Podčlánková inzerce | Cross-Site Scripting (XSS) |
| Podlove Podcast Publisher | Cross-Site Scripting (XSS) from Feed Name |
| Pods | Cross-Site Scripting (XSS) |
| Policy Genius | Cross-Site Scripting (XSS) |
| polka dots Theme | Cross-Site Scripting (XSS) |
| Pootle button | Cross-Site Scripting (XSS) |
| Popup Maker | Cross-Site Scripting (XSS) |
| Post and Page Builder by BoldGrid – Visual Drag and Drop Editor | Cross-Site Scripting (XSS) |
| Post And Page Reactions | Cross-Site Scripting (XSS) |
| Post Carousel & Slider | Cross-Site Scripting (XSS) |
| Post Carousel Slider | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| PostLists | Cross-Site Scripting (XSS) |
| Post Meta | Cross-Site Scripting (XSS) |
| Post & Page Notes | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Posts Footer Manager | Cross-Site Scripting (XSS) |
| Post-to-Post Links | Cross-Site Scripting (XSS) |
| Powerful Auto Chat | Cross-Site Scripting (XSS) |
| Power Mag Theme | Cross-Site Scripting (XSS) |
| Power Ups for Elementor | Cross-Site Scripting (XSS) |
| Powie's pLinks PagePeeker | Cross-Site Scripting (XSS) |
| PPO Call and Actions | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| PPOM for WooCommerce | Cross-Site Scripting (XSS) |
| Prayer Times Anywhere | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Precious Metals Charts and Widgets for WordPress | Cross-Site Scripting (XSS) |
| Predict When | Cross-Site Scripting (XSS) |
| Preloader Quotes | Cross-Site Scripting (XSS) |
| Pretty Simple Popup Builder | Cross-Site Scripting (XSS) |
| Pretty Url | Cross-Site Scripting (XSS) |
| Prime Slider – Addons For Elementor | Cross-Site Scripting (XSS) |
| Private Messages for UserPro | Cross-Site Scripting (XSS) |
| Product Carousel For WooCommerce – WoorouSell | Cross-Site Scripting (XSS) |
| Product Carousel Slider & Grid Ultimate for WooCommerce | Cross-Site Scripting (XSS) |
| ProductDyno | Cross-Site Scripting (XSS) |
| Product Table for WooCommerce | Cross-Site Scripting (XSS) |
| Profile Builder | Unauthenticated Cross-Site Scripting (XSS) |
| Progress Tracker | Cross-Site Scripting (XSS) |
| Proofreading | Cross-Site Scripting (XSS) |
| PropertyHive | Cross-Site Scripting (XSS) |
| Ps Ads Pro | Cross-Site Scripting (XSS) |
| Qempo Theme | Cross-Site Scripting (XSS) |
| Qizon - Crowdfunding & Charity WordPress Theme | Cross-Site Scripting (XSS) |
| Qr Code and Barcode Scanner Read (BAC)er | Cross-Site Scripting (XSS) |
| QR Code Generator | Cross-Site Scripting (XSS) |
| Quill Forms | Cross-Site Scripting (XSS) |
| Quizzin | Cross-Site Scripting (XSS) |
| Quote me | Cross-Site Scripting (XSS) |
| QuoteMedia Tools | Cross-Site Scripting (XSS) |
| quote-posttype-plugin | Cross-Site Scripting (XSS) |
| Quote Tweet | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| radSLIDE | Broken Access Control (BAC) and Cross-Site Scripting (XSS) |
| Rate Star Review | Cross-Site Scripting (XSS) |
| ReadMe Creator | Cross-Site Scripting (XSS) |
| Real Seguro Viagem | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Realtyna Provisioning | Cross-Site Scripting (XSS) |
| REAL WordPress Sidebar | Cross-Site Scripting (XSS) |
| Rebrand Fluent Forms | Cross-Site Scripting (XSS) |
| REDIRECTION PLUS | Cross-Site Scripting (XSS) |
| Redux Converter | Cross-Site Scripting (XSS) |
| RegistrationMagic | Cross-Site Scripting (XSS) |
| Related Post Shortcode | Cross-Site Scripting (XSS) |
| Rename Author Slug | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ResAds | Cross-Site Scripting (XSS) from Multiple Parameters |
| Responsive Addons for Elementor | Cross-Site Scripting (XSS) |
| Responsive Blocks | Cross-Site Scripting (XSS) from section_tag Parameter |
| Responsive Flickr Slideshow | Cross-Site Scripting (XSS) |
| Responsive FlipBook | Cross-Site Scripting (XSS) |
| Responsive jQuery Slider | Cross-Site Scripting (XSS) |
| Responsivity | Cross-Site Scripting (XSS) |
| Restrict Anonymous Access | Cross-Site Scripting (XSS) |
| ReviewsTap | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Rezdy Reloaded | Cross-Site Scripting (XSS) |
| RightMessage WP | Cross-Site Scripting (XSS) |
| Rio Photo Gallery | Cross-Site Scripting (XSS) |
| rng-refresh | Cross-Site Scripting (XSS) |
| Robo Gallery | Cross-Site Scripting (XSS) |
| Rocket Media Library Mime Type | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Roi Calculator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Rollover Tab | Cross-Site Scripting (XSS) |
| RomanCart | Cross-Site Scripting (XSS) |
| root Cookie | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Royal Elementor Addons | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| RSS Icon Widget | Cross-Site Scripting (XSS) |
| RSS News Scroller | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| RSV GMaps | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| RSVPMaker Volunteer Roles | Cross-Site Scripting (XSS) |
| RSVP ME | Cross-Site Scripting (XSS) |
| S3Player – WooCommerce & Elementor Integration | Cross-Site Scripting (XSS) |
| Sale with Razorpay | Cross-Site Scripting (XSS) |
| Same but Different – Related Posts by Taxonomy | Cross-Site Scripting (XSS) |
| Sandbox Theme | Cross-Site Scripting (XSS) |
| Save & Import Image from URL | Cross-Site Scripting (XSS) |
| Scan External Links | Cross-Site Scripting (XSS) |
| Scanventory | Cross-Site Scripting (XSS) |
| Scroll Styler | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Scroll Top Advanced | Cross-Site Scripting (XSS) |
| SC Simple Zazzle | Cross-Site Scripting (XSS) |
| S-DEV SEO | Cross-Site Scripting (XSS) |
| Searchie | Cross-Site Scripting (XSS) |
| SeatReg | Cross-Site Scripting (XSS) |
| Secure CAPTCHA | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Sell Digital Downloads | Cross-Site Scripting (XSS) |
| Sell Media | Cross-Site Scripting (XSS) |
| Sellsy | Cross-Site Scripting (XSS) |
| SEMA API | Cross-Site Scripting (XSS) from catid Parameter |
| Send and a Friend Addon | Cross-Site Scripting (XSS) |
| Send and Twitter | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| SEO Blogger and WordPress Migration using 301 Redirection | Cross-Site Scripting (XSS) |
| SEO Bulk Editor | Cross-Site Scripting (XSS) |
| seo-keywords | Cross-Site Scripting (XSS) from google_error Parameter |
| SEOReseller Partner | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Service Box | Cross-Site Scripting (XSS) |
| SetMore Theme – Custom Post Types | Cross-Site Scripting (XSS) |
| SexBundle | Cross-Site Scripting (XSS) |
| Shabbos and Yom Tov | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Shared Files | Limited Unauthenticated Cross-Site Scripting (XSS) from File Upload (BAC) |
| Shipdeo | Cross-Site Scripting (XSS) |
| Shipping from Planzer for WooCommerce | Cross-Site Scripting (XSS) from processed ids |
| ShMapper by Teplitsa | Cross-Site Scripting (XSS) |
| Shockingly Big IE6 Warning | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Shortcode in Comment | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Shoutcast and Icecast HTML5 Web Radio Player by YesStreaming.com | Cross-Site Scripting (XSS) |
| Show Google Analytics widget | Cross-Site Scripting (XSS) |
| Show/Hide Shortcode | Cross-Site Scripting (XSS) |
| Sidebar-Content from Shortcode | Cross-Site Scripting (XSS) |
| Sikshya LMS | Cross-Site Scripting (XSS) |
| Simple Add Pages or Posts | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| SimpleCharm Theme | Cross-Site Scripting (XSS) |
| Simple Custom post type custom field | Cross-Site Scripting (XSS) |
| Simple Gallery with Filter | Cross-Site Scripting (XSS) |
| Simple Locator | Cross-Site Scripting (XSS) |
| Simple Membership Custom Messages | Cross-Site Scripting (XSS) |
| Simple Photo Sphere | Cross-Site Scripting (XSS) |
| Simple:Press | Cross-Site Scripting (XSS) from msearch |
| Simple:Press | Cross-Site Scripting (XSS) |
| Simple Project Manager | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Simple shortcode buttons | Cross-Site Scripting (XSS) |
| Simple Vertical Timeline | Cross-Site Scripting (XSS) |
| SimplyRETS Real Estate IDX | Cross-Site Scripting (XSS) |
| Sina Extension for Elementor | DOM Based Cross-Site Scripting (XSS) from Sina Image Differ |
| SingSong | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Site PIN | Cross-Site Scripting (XSS) |
| Skill Bar | Cross-Site Scripting (XSS) |
| SlideDeck 1 Lite Content Slider | Cross-Site Scripting (XSS) |
| Slider for Writers | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Slider Pro Lite | Cross-Site Scripting (XSS) |
| Slides & Presentations | Cross-Site Scripting (XSS) |
| Slotti Ajanvaraus | Cross-Site Scripting (XSS) |
| Smart Agenda | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Smart Custom Fields | Cross-Site Scripting (XSS) |
| SmartEmailing.cz | Cross-Site Scripting (XSS) |
| Smooth Dynamic Slider | Cross-Site Scripting (XSS) |
| Smoothness Slider Shortcode | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Snippy | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social2Blog | Cross-Site Scripting (XSS) |
| Social Analytics | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social Media Engine | Cross-Site Scripting (XSS) |
| SOCIAL.NINJA | Cross-Site Scripting (XSS) |
| Social proof testimonials and reviews by Repuso | Cross-Site Scripting (XSS) |
| Social Pug: Author Box | Cross-Site Scripting (XSS) |
| Social Rocket | Cross-Site Scripting (XSS) from Shortcode |
| Social Share Buttons for WordPress | Cross-Site Scripting (XSS) |
| Solar Wizard Lite | Cross-Site Scripting (XSS) |
| Sominx - Creative Business Agency WordPress Theme | Cross-Site Scripting (XSS) |
| SpeakOut! Email Petitions | Cross-Site Scripting (XSS) |
| Spiderpowa Embed PDF | Cross-Site Scripting (XSS) |
| Stackable | Cross-Site Scripting (XSS) |
| StageShow | Cross-Site Scripting (XSS) |
| Staging CDN | Cross-Site Scripting (XSS) |
| Stars SMTP Mailer | Cross-Site Scripting (XSS) |
| StatPressCN | Cross-Site Scripting (XSS) |
| Sticky Button | Cross-Site Scripting (XSS) |
| Stockdio Historical Chart | Cross-Site Scripting (XSS) |
| Stop Comment Spam | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Store Commerce Theme | Cross-Site Scripting (XSS) |
| Store credit / Gift cards for woocommerce | Cross-Site Scripting (XSS) |
| Storely Theme | Cross-Site Scripting (XSS) |
| StorePress Theme | Cross-Site Scripting (XSS) |
| Stratum | Cross-Site Scripting (XSS) from Image Hotspot Widget |
| Stray Random Quotes | Cross-Site Scripting (XSS) |
| Strx Magic Floating Sidebar Maker | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Style Admin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Subscription DNA | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Surbma | Premium WP | Cross-Site Scripting (XSS) |
| Survey Maker | Cross-Site Scripting (XSS) from Survey Question |
| SweepWidget Contests, Giveaways, Photo Contests, Competitions | Cross-Site Scripting (XSS) |
| SyncFields | Cross-Site Scripting (XSS) |
| System Dashboard | Cross-Site Scripting (XSS) from Filename Parameter |
| Table Editor | Cross-Site Scripting (XSS) |
| Tab My Content | Cross-Site Scripting (XSS) |
| Tabs Shortcode | Cross-Site Scripting (XSS) from Shortcode |
| Tabulate | Cross-Site Scripting (XSS) |
| Tagesteller | v Cross-Site Scripting (XSS) |
| Tamara Checkout | Cross-Site Scripting (XSS) |
| Tantyyellow Theme | Cross-Site Scripting (XSS) |
| Target Notifications | Cross-Site Scripting (XSS) |
| Target Video Easy Publish | Cross-Site Scripting (XSS) from brid_override_yt Shortcode |
| Target Video Easy Publish | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Taskbuilder | Cross-Site Scripting (XSS) from wppm_tasks Shortcode |
| Tax Report for WooCommerce | Cross-Site Scripting (XSS) |
| TCBD Auto Refresher | Cross-Site Scripting (XSS) |
| TemplatesNext ToolKit | Cross-Site Scripting (XSS) |
| Tevily - Travel & Tour Booking WordPress Theme | Cross-Site Scripting (XSS) |
| Texteller | Cross-Site Scripting (XSS) |
| The Events Calendar | Cross-Site Scripting (XSS) |
| TheFude - Crowdfunding & Charity WordPress Theme | Cross-Site Scripting (XSS) |
| The Loops | Cross-Site Scripting (XSS) |
| Theme My Ontraport Smartform | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Themesflat Addons For Elementor | Cross-Site Scripting (XSS) |
| Themify Builder | Cross-Site Scripting (XSS) |
| ThePerfectWedding.nl Widget | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| The Ultimate WordPress Toolkit – WP Extended | Missing Authorization (BAC) and Cross-Site Scripting (XSS) |
| Thim Elementor Kit | Cross-Site Scripting (XSS) |
| Ticketmeo | Cross-Site Scripting (XSS) from Shortcode |
| Tijaji Theme | Cross-Site Scripting (XSS) |
| Tiki Time Theme | Cross-Site Scripting (XSS) |
| Timeline Pro | Cross-Site Scripting (XSS) |
| Tock Widget | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Toggles Shortcode and Widget | Cross-Site Scripting (XSS) |
| Toocheke Companion | Cross-Site Scripting (XSS) |
| Top Flash Embed | Cross-Site Scripting (XSS) |
| Tourmaster | Unauthenticated Cross-Site Scripting (XSS) from Room Booking |
| Tourmaster | Cross-Site Scripting (XSS) |
| Tracking Code Manager | Cross-Site Scripting (XSS) |
| Track Page Scroll | Cross-Site Scripting (XSS) |
| Trackserver | Cross-Site Scripting (XSS) |
| Translation.Pro | Cross-Site Scripting (XSS) |
| Transporters.io | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| TRUSTist REVIEWer | Cross-Site Scripting (XSS) |
| TS Comfort DB | Cross-Site Scripting (XSS) |
| Tuaug4 Theme | Cross-Site Scripting (XSS) |
| TubePress.NET | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| .TUBE Video Curator | Cross-Site Scripting (XSS) |
| turboSMTP | Cross-Site Scripting (XSS) |
| Turnkey bbPress | Cross-Site Scripting (XSS) |
| Twitter Bootstrap Collapse aka Accordian Shortcode | Cross-Site Scripting (XSS) |
| Twitter News Feed | Cross-Site Scripting (XSS) |
| Twitter Post | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Twitter Shortcode | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Typing Text | Cross-Site Scripting (XSS) |
| Ultimate Events | Cross-Site Scripting (XSS) |
| Ultimate Image Hover Effects | Cross-Site Scripting (XSS) |
| Ultimate Subscribe | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| UltraLight Theme | Cross-Site Scripting (XSS) |
| Unique UX | Cross-Site Scripting (XSS) |
| Universal Analytics Injector | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| University Quizzes Online | Cross-Site Scripting (XSS) |
| UpDownUpDown | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WordPress UpdraftPlus - Backup/Restore | Cross-Site Scripting (XSS) |
| Uptime Robot | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Urdu Formatter – Shamil | Cross-Site Scripting (XSS) |
| Userbase Access Control | Cross-Site Scripting (XSS) |
| User Messages | Cross-Site Scripting (XSS) |
| Utilities for MTG | Cross-Site Scripting (XSS) |
| Vampire Character Manager | Cross-Site Scripting (XSS) |
| vcOS | Cross-Site Scripting (XSS) |
| Verge3D | Cross-Site Scripting (XSS) |
| Video Embed Optimizer | Cross-Site Scripting (XSS) |
| Video Share VOD | Cross-Site Scripting (XSS) |
| VideoWhisper Live Streaming Integration | Cross-Site Scripting (XSS) |
| ViewMedica 9 | Cross-Site Scripting (XSS) |
| ViewMedica 9 | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| VikAppointments Services Booking Calendar | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Virtual Bot | Cross-Site Request Forgery (CSRF) Cross-Site Scripting (XSS) |
| Visit Site Link enhanced | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| VR-Frases | Cross-Site Scripting (XSS) |
| VR Views | Cross-Site Scripting (XSS) |
| VSTEMPLATE Creator | Cross-Site Scripting (XSS) |
| WC1C | Cross-Site Scripting (XSS) |
| WC Affiliate | Cross-Site Scripting (XSS) |
| WC Affiliate | Cross-Site Scripting (XSS) |
| WC Marketplace | Cross-Site Scripting (XSS) |
| WCS QR Code Generator | Cross-Site Scripting (XSS) |
| Weaver Themes Shortcode Compatibility | Cross-Site Scripting (XSS) |
| Webcamconsult | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WE Blocks | Cross-Site Scripting (XSS) |
| Web Push | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Web Testimonials | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| welowe Theme | Cross-Site Scripting (XSS) |
| WE – Testimonial Slider | Cross-Site Scripting (XSS) |
| WhatsApp click and chat | Cross-Site Scripting (XSS) |
| WH Cache & Security | Cross-Site Scripting (XSS) |
| Wibstats | Cross-Site Scripting (XSS) |
| Widget Countdown | Cross-Site Scripting (XSS) |
| Widgetize Pages Light | Cross-Site Scripting (XSS) |
| Winning Portfolio | Cross-Site Scripting (XSS) |
| Wishlist for WooCommerce | Cross-Site Scripting (XSS) |
| Wizhi Multi Filters by Wenprise | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Wonder FontAwesome | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| Woocommerce check pincode/zipcode for shipping | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WooCommerce Digital Content Delivery (incl. DRM) – FlickRocket | Cross-Site Scripting (XSS) |
| WooCommerce Order Search | Cross-Site Scripting (XSS) |
| WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels | Cross-Site Scripting (XSS) |
| WooCommerce Product Table Lite | Unauthenticated Shortcode Execution (BAC) & Cross-Site Scripting (XSS) |
| Woo Store Mode | Cross-Site Scripting (XSS) |
| Woo Ukrposhta | Cross-Site Scripting (XSS) from order, post, and idd Parameters |
| Word Freshener | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WordPress Additional Logins | Cross-Site Scripting (XSS) |
| WordPress Data Guard | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WordPress File Search | Cross-Site Scripting (XSS) |
| WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto | Cross-Site Scripting (XSS) |
| WordPress Gallery Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WordPress Google Map Professional | Cross-Site Scripting (XSS) |
| WordPress HelpDesk & Support Ticket System Plugin – Octrace Support | Cross-Site Scripting (XSS) |
| WordPress Logging Service | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WordPress Meta Data and Taxonomies Filter (MDTF) | Cross-Site Scripting (XSS) |
| WordPress SEO Friendly Accordion FAQ | Cross-Site Scripting (XSS) |
| WordPress Tag Cloud Plugin – Tag Groups | Cross-Site Scripting (XSS) |
| WOW Best CSS Compiler | Cross-Site Scripting (XSS) |
| WP2APP | Cross-Site Scripting (XSS) |
| WP2LEADS | Cross-Site Scripting (XSS) |
| WPAchievements Free | Cross-Site Scripting (XSS) |
| Wp advertising management | Cross-Site Scripting (XSS) |
| WP All Import Pro | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| wp_amaps | Cross-Site Scripting (XSS) |
| WP-Announcements | Cross-Site Scripting (XSS) |
| WP Background Tile | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP-BibTeX | Cross-Site Request Forgery (CSRF) to and Cross-Site Scripting (XSS) |
| WPBITS Addons For Elementor Page Builder | Cross-Site Scripting (XSS) |
| WPBITS Addons For Elementor Page Builder | Cross-Site Scripting (XSS) |
| WP-BlackCheck | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Block Pack | Cross-Site Scripting (XSS) |
| WP Bulletin Board | Cross-Site Scripting (XSS) |
| WP Compress – Image Optimizer [All-In-One] | Cross-Site Scripting (XSS) |
| WP Contact Form7 Email Spam Blocker | Cross-Site Scripting (XSS) |
| WP Contest | Cross-Site Scripting (XSS) |
| WP Cookie | Cross-Site Scripting (XSS) |
| WP Cookies Alert | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| wp custom countdown | Cross-Site Scripting (XSS) |
| WP Custom Google Search | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WpDevTool | Cross-Site Scripting (XSS) |
| WP Dispensary | Cross-Site Scripting (XSS) |
| WP Docs | Cross-Site Scripting (XSS) |
| WP Download (BAC) Codes | Cross-Site Scripting (XSS) |
| WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms | Cross-Site Scripting (XSS) |
| WP Easy Post Mailer | Cross-Site Scripting (XSS) |
| WPEX Replace DB Urls | Cross-Site Scripting (XSS) |
| WP-FB-AutoConnect | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WP FixTag | v Cross-Site Scripting (XSS) |
| wp-flickr-press | Cross-Site Scripting (XSS) |
| WP FPO | Cross-Site Scripting (XSS) |
| WP Front-end login and register | Cross-Site Scripting (XSS) |
| WP FullCalendar | Cross-Site Scripting (XSS) |
| WpF Ultimate Carousel | Cross-Site Scripting (XSS) |
| WP Github | Cross-Site Scripting (XSS) |
| WP Google Street View (with 360° virtual tour) & Google maps + Local SEO | Cross-Site Scripting (XSS) |
| wp-greet | Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS) |
| WP Header Notification | Cross-Site Scripting (XSS) |
| WP Headmaster | Cross-Site Scripting (XSS) |
| wp Hosting Performance Check | Cross-Site Scripting (XSS) |
| WP Image Upload (BAC)er | Cross-Site Scripting (XSS) |
| WP IMAP Auth | Cross-Site Scripting (XSS) |
| WP Intro.JS | Cross-Site Scripting (XSS) |
| WP Inventory Manager | Cross-Site Scripting (XSS) |
| WPJobBoard | Cross-Site Scripting (XSS) |
| WP Joomag | Cross-Site Scripting (XSS) |
| WP jQuery DataTable | Cross-Site Scripting (XSS) |
| WP krpano | Cross-Site Scripting (XSS) |
| WP Lyrics | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP MediaTagger | Cross-Site Scripting (XSS) |
| WP MediaTagger | Cross-Site Scripting (XSS) |
| WP Multi Store Locator | Cross-Site Scripting (XSS) |
| WP Multi Store Locator | Cross-Site Scripting (XSS) |
| WP OpenSearch | Cross-Site Scripting (XSS) |
| WP Order By | Cross-Site Scripting (XSS) |
| wp-pano | Cross-Site Scripting (XSS) |
| WP Panoramio | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Photo Sphere | Cross-Site Scripting (XSS) |
| WP-Player | Cross-Site Scripting (XSS) |
| WP-Polls | Unauthenticated SQL Injection (SQLi) and Cross-Site Scripting (XSS) |
| WP Post Category Notifications | Cross-Site Scripting (XSS) |
| WP Post Corrector | Cross-Site Scripting (XSS) |
| WP Post List Table | Cross-Site Scripting (XSS) |
| WP PT-Viewer | Cross-Site Scripting (XSS) |
| WP Query Creator | Cross-Site Scripting (XSS) |
| WPRadio | Cross-Site Scripting (XSS) |
| WP Responsive Tabs | Cross-Site Scripting (XSS) |
| WP-Revive Adserver | Cross-Site Scripting (XSS) |
| Wp-Scribd-List | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Service Payment Form With Authorize.net | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Simple Sitemap | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Smart Import | Cross-Site Scripting (XSS) |
| WP Smart Tooltip | Cross-Site Scripting (XSS) |
| WP Smart TV | Cross-Site Scripting (XSS) |
| WP Social Broadcast | Cross-Site Scripting (XSS) |
| wpSOL | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP SpaceContent | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP SPID Italia | Cross-Site Scripting (XSS) |
| WP-tagMaker | Cross-Site Scripting (XSS) |
| WP Triggers Lite | Cross-Site Scripting (XSS) |
| WP ULike | Cross-Site Scripting (XSS) |
| WP ViewSTL | Cross-Site Scripting (XSS) |
| WP Visitor Statistics (Real Time Traffic) | Cross-Site Scripting (XSS) |
| WP VR | Cross-Site Scripting (XSS) |
| WP VTiger Synchronization | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Youtube Gallery | Cross-Site Scripting (XSS) from id Parameter |
| WS Form LITE | Unauthenticated Cross-Site Scripting (XSS) |
| Xagio SEO | Cross-Site Scripting (XSS) |
| XML for Avito | Cross-Site Scripting (XSS) |
| XML for Google Merchant Center | Cross-Site Scripting (XSS) |
| XTRA Settings | Cross-Site Scripting (XSS) |
| yCyclista | Cross-Site Scripting (XSS) |
| Yet Another Countdown | Cross-Site Scripting (XSS) |
| YOGO Booking | Cross-Site Scripting (XSS) |
| Youtube Video Grid | Cross-Site Scripting (XSS) |
| Yumpu ePaper publishing | Cross-Site Scripting (XSS) |
| Zalomení | Cross-Site Scripting (XSS) |
| Zarinpal Paid Download (BAC) | Cross-Site Scripting (XSS) |
| Zephyr Admin Theme | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Zilom Theme | Cross-Site Scripting (XSS) |
| فرم ساز فرم افزار | Cross-Site Scripting (XSS) |
| WordPress Cross-Site Scripting (XSS) reported in 2023: | 2928 |
| WordPress Cross-Site Scripting (XSS) reported in 2024: | 3806 |
| WordPress Cross-Site Scripting (XSS) reported in 2025: | 1387 |
WHO needs managed WP Maintenance? EVERYBODY!
Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Scripting Patch Management.
Security is not a single-task job
Need managed WP Security and got no clue where to start? Hire an expert. Pay a coffee per week, its cheaper than 1 hour for a freelancer.
