Scroll Top

WP XSS JUL 2024: 304 Effortless WP Cross-Site Scripting

WP XSS JUL 2024 – WP CROSS-SITE SCRIPTING

WP XSS JUL 2024

WP Cross-Site Scripting

Tailored WP & Woo Security Report

Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS JUL 2024 is a +6% INCREASE compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin - OR - Hire professionals for tailored WP Security.

WHO needs tailored WP security? EVERYBODY!

Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Scripting Patch Management.

The following cases made headlines PUBLICLY just last month in the WP XSS JUL 2024 & WP Cross-Site Scripting category:

12 Step Meeting List Cross-Site Scripting (XSS)
3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery Cross-Site Scripting (XSS)
Accordions Cross-Site Scripting (XSS)
Active Products Tables for WooCommerce Cross-Site Scripting (XSS)
Activity Reactions For Buddypress Cross-Site Scripting (XSS)
Advanced Woo Labels Cross-Site Scripting (XSS)
Ajax Load More Cross-Site Scripting (XSS)
Ali2Woo Lite Broken Access Control (BAC) to Cross-Site Scripting (XSS)
Ali2Woo Lite Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Ali2Woo Lite Cross-Site Scripting (XSS)
All In One Redirection Cross-Site Scripting (XSS)
Amelia Cross-Site Scripting (XSS)
Anima Theme Cross-Site Scripting (XSS)
ARForms Cross-Site Scripting (XSS)
ARI Fancy Lightbox Cross-Site Scripting (XSS)
Atarim Cross-Site Scripting (XSS)
Auto Coupons for WooCommerce Cross-Site Scripting (XSS)
Bible Text Cross-Site Scripting (XSS)
BlockArt Blocks Cross-Site Scripting (XSS)
Block for Font Awesome Cross-Site Scripting (XSS)
Blocksy Theme Cross-Site Scripting (XSS)
Bloglo Theme Cross-Site Scripting (XSS)
Blogmentor – Blog Layouts for Elementor Cross-Site Scripting (XSS)
Blogmentor – Blog Layouts for Elementor Cross-Site Scripting (XSS)
Bookly Cross-Site Scripting (XSS) via Color Profile Parameter
Boostify Header Footer Builder for Elementor Cross-Site Scripting (XSS) via size Parameter
Branda Cross-Site Scripting (XSS) via SVG Upload
Branda Cross-Site Scripting (XSS)
Brave Popup Builder Cross-Site Scripting (XSS)
Brizy – Page Builder Multiple Store Cross-Site Scripting (XSS)
Brizy – Page Builder Unauthenticated Cross-Site Scripting (XSS) via Form
BSK PDF Manager Cross-Site Scripting (XSS)
Cards for Beaver Builder Cross-Site Scripting (XSS) via Cards Widget
Cards for Beaver Builder Cross-Site Scripting (XSS)
CB (legacy) Cross-Site Scripting (XSS)
Chained Quiz Cross-Site Scripting (XSS)
Chaty Cross-Site Scripting (XSS)
Church Admin Cross-Site Scripting (XSS)
Clever Addons for Elementor Cross-Site Scripting (XSS) via Multiple CAFE Widgets
Clever Fox Cross-Site Scripting (XSS)
CoBlocks Cross-Site Scripting (XSS) via Social Profiles
CoDesigner WooCommerce Builder for Elementor Cross-Site Scripting (XSS) via Multiple Widgets
Colibri Page Builder Cross-Site Scripting (XSS) via Shortcode
Collapse-O-Matic Cross-Site Scripting (XSS) via Shortcode
Contact Form Manager Cross-Site Scripting (XSS)
Conversios.io Cross-Site Scripting (XSS)
Cowidgets – Elementor Addons Cross-Site Scripting (XSS)
Create by Mediavine Cross-Site Scripting (XSS) via Schema Meta Shortcode
CSSable Countdown Cross-Site Scripting (XSS)
Custom Dash Cross-Site Scripting (XSS)
Custom Field Suite Cross-Site Scripting (XSS)
Custom Field Suite Cross-Site Scripting (XSS)
Custom Field Template Cross-Site Scripting (XSS)
Custom Field Template Cross-Site Scripting (XSS)
Custom Field Template Cross-Site Scripting (XSS)
Dashboard Widgets Suite Cross-Site Scripting (XSS)
Demo Awesome Cross-Site Scripting (XSS)
Depicter Slider Cross-Site Scripting (XSS)
DethemeKit For Elementor Cross-Site Scripting (XSS) via URL Parameter of the De Gallery Widget
DImage 360 Cross-Site Scripting (XSS)
Divi Theme Cross-Site Scripting (XSS)
DiviTorque – Divi Theme, Divi Builder and Extra Theme Cross-Site Scripting (XSS) via SVG Upload
DOP Shortcodes Cross-Site Scripting (XSS) via Shortcode
Download Attachments Cross-Site Scripting (XSS)
Download Manager Self-Based Cross-Site Scripting (XSS)
Download Manager Cross-Site Scripting (XSS)
Download Manager Cross-Site Scripting (XSS) via wpdm_modal_login_form Shortcode
e2pdf Cross-Site Scripting (XSS)
Easy Age Verify Cross-Site Scripting (XSS)
EasyAzon Cross-Site Scripting (XSS) via easyazon-cloaking-locale
Easy Social Like Box – Popup – Sidebar Widget Cross-Site Scripting (XSS) via Shortcode
Easy Table of Contents Cross-Site Scripting (XSS)
Eduma Theme Cross-Site Scripting (XSS)
Elegant Themes Icons Cross-Site Scripting (XSS)
Elementor Addon Elements Cross-Site Scripting (XSS)
Elementor – Header, Footer & Blocks Template Cross-Site Scripting (XSS) via Site Title Widget
Elementor Pro Cross-Site Scripting (XSS)
Element Pack Elementor Addons Cross-Site Scripting (XSS)
ElementsKit Pro Cross-Site Scripting (XSS)
ElementsReady Addons for Elementor Cross-Site Scripting (XSS)
Elespare Cross-Site Scripting (XSS) via Horizontal Nav Menu Widget
EmbedPress Cross-Site Scripting (XSS) via EmbedPress PDF Widget
EmbedPress Cross-Site Scripting (XSS)
EmbedSocial Cross-Site Scripting (XSS)
Empty Cart Button for WooCommerce Cross-Site Scripting (XSS)
Enfold Theme Cross-Site Scripting (XSS)
Enter Addons Cross-Site Scripting (XSS)
Envo Extra Cross-Site Scripting (XSS) via Button Widget
Essential Addons for Elementor Cross-Site Scripting (XSS)
Essential Addons for Elementor Cross-Site Scripting (XSS)
Essential Addons for Elementor Pro Cross-Site Scripting (XSS) via Lightbox and Modal Widget
Essential Real Estate Cross-Site Scripting (XSS) via Shortcode
Esteem Theme Cross-Site Scripting (XSS)
Events Addon for Elementor Cross-Site Scripting (XSS) via Multiple Widgets
Events Manager Cross-Site Scripting (XSS) via event, location, and event_category Shortcodes
Event Theme Cross-Site Scripting (XSS)
Event Tickets with Ticket Scanner Cross-Site Scripting (XSS)
Excellent Theme Cross-Site Scripting (XSS)
Exclusive Addons Elementor Cross-Site Scripting (XSS) via Card Widget
Flatsome Theme Cross-Site Scripting (XSS) via Shortcode
Flatsome Theme Cross-Site Scripting (XSS) via Shortcodes
Fluid Notification Bar Cross-Site Scripting (XSS)
FooGallery Cross-Site Scripting (XSS) via Gallery Custom URL
FooGallery Premium Cross-Site Scripting (XSS)
Formula Theme Cross-Site Scripting (XSS)
Formula Theme Cross-Site Scripting (XSS)
Frontend Checklist Cross-Site Scripting (XSS)
FS Product Inquiry Cross-Site Scripting (XSS)
FS Product Inquiry Unauthenticated Cross-Site Scripting (XSS)
Funnel Builder by CartFlows Cross-Site Scripting (XSS)
Futurio Extra Cross-Site Scripting (XSS) via Advanced Text Block Widget
Gallery Blocks with Lightbox Cross-Site Scripting (XSS) via galleryID and className Parameters
Gallery Slideshow Cross-Site Scripting (XSS)
GamiPress – Link Cross-Site Scripting (XSS)
GDPR CCPA Compliance Support Missing Authorization (BAC) to Settings Update (BAC) and Cross-Site Scripting (XSS)
GiveWP Cross-Site Scripting (XSS)
Google CSE Cross-Site Scripting (XSS)
GP Premium Cross-Site Scripting (XSS)
Greenshift – animation and page builder blocks Cross-Site Scripting (XSS)
Grey Opaque Theme Cross-Site Scripting (XSS) via Download-Button Shortcode
Groundhogg Cross-Site Scripting (XSS)
Gutenberg Blocks by Kadence Blocks Cross-Site Scripting (XSS) via titleFont Parameter
Gutenberg Blocks by Kadence Blocks Cross-Site Scripting (XSS) in Google Maps Widget
Gutenberg & Elementor Templates Importer For Responsive Cross-Site Scripting (XSS)
Heateor Social Login Cross-Site Scripting (XSS)
Heateor Social Login Cross-Site Scripting (XSS)
HT Feed Cross-Site Scripting (XSS)
HT Mega Cross-Site Scripting (XSS) via Multiple Widgets
Html5 Audio Player Cross-Site Scripting (XSS)
IdeaPush Cross-Site Scripting (XSS)
Idyllic Theme Cross-Site Scripting (XSS)
Infinite Photography Theme Cross-Site Scripting (XSS) via project_url Parameter
Interactive Content – H5P Cross-Site Scripting (XSS)
Interface Theme Cross-Site Scripting (XSS)
Jeg Elementor Kit Cross-Site Scripting (XSS)
JetWidgets For Elementor Cross-Site Scripting (XSS)
jQuery T(-) Countdown Widget Cross-Site Scripting (XSS)
Kenta Gutenberg Blocks Responsive Blocks and block templates library for Gutenberg Editor Cross-Site Scripting (XSS)
Kimili Flash Embed Cross-Site Scripting (XSS)
Kognetiks Chatbot for WordPress Cross-Site Scripting (XSS)
Link Library Cross-Site Scripting (XSS)
Login with phone number Cross-Site Scripting (XSS)
Logo Manager For Enamad Cross-Site Request Forgery (CSRF) to Cross-Site Scripting (XSS)
Magical Addons For Elementor Cross-Site Scripting (XSS)
Mailster Cross-Site Scripting (XSS)
Master Addons for Elementor Cross-Site Scripting (XSS)
Master Addons for Elementor Cross-Site Scripting (XSS)
Master Slider Cross-Site Scripting (XSS)
Master Slider Cross-Site Scripting (XSS)
Materialis Companion Store Cross-Site Scripting (XSS) via materialis_contact_form Shortcode
MaxGalleria Cross-Site Scripting (XSS)
Mime Types Extended Cross-Site Scripting (XSS) via SVG Upload
MIMO Woocommerce Order Tracking Cross-Site Scripting (XSS)
Mosaic Theme Cross-Site Scripting (XSS) via Button Shortcode
My Favorites Cross-Site Scripting (XSS)
Nafeza Prayer Time Cross-Site Scripting (XSS)
Newsletter Unauthenticated Cross-Site Scripting (XSS) via np
Newsletters Cross-Site Scripting (XSS)
Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue Cross-Site Scripting (XSS)
NextScripts Cross-Site Scripting (XSS)
Ninja Beaver Add-ons for Beaver Builder Cross-Site Scripting (XSS)
Ocean Extra Cross-Site Scripting (XSS) via Flickr Widget
One Page Express Companion Cross-Site Scripting (XSS) via one_page_express_contact_form Shortcode
Online Booking & Scheduling Calendar for WordPress by vcita Cross-Site Scripting (XSS)
Online Booking & Scheduling Calendar for WordPress by vcita Cross-Site Scripting (XSS)
Online Booking & Scheduling Calendar for WordPress by vcita Unauthenticated Cross-Site Scripting (XSS)
Orbit Fox by ThemeIsle Cross-Site Scripting (XSS)
OSM Map Widget for Elementor Cross-Site Scripting (XSS) via id Parameter
Page Builder: Live Composer Shortcode Cross-Site Scripting (XSS)
Page Builder: Live Composer Cross-Site Scripting (XSS)
Page Builder Sandwich – Front-End Page Builder Cross-Site Scripting (XSS)
Page Builder Sandwich – Front-End Page Builder Cross-Site Scripting (XSS)
PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode Cross-Site Scripting (XSS)
PDF Embedder Cross-Site Scripting (XSS)
PDF.js Viewer Cross-Site Scripting (XSS)
PDF Poster - PDF Embedder Plugin for WordPress Cross-Site Scripting (XSS)
PDF Viewer Cross-Site Scripting (XSS)
PDF Viewer for Elementor Cross-Site Scripting (XSS)
PDF Viewer for Elementor Cross-Site Scripting (XSS)
Permalink Manager Lite Cross-Site Scripting (XSS)
Photo Gallery by 10Web Cross-Site Scripting (XSS) via Zipped SVG
PixelYourSite – Your smart PIXEL (TAG) Manager Cross-Site Scripting (XSS)
Pixgraphy Theme Cross-Site Scripting (XSS)
Popup Builder Cross-Site Scripting (XSS) via Custom JS
Portfolio Gallery – Image Gallery Plugin DOM-Based Cross-Site Scripting (XSS)
PowerPack Addons for Elementor Cross-Site Scripting (XSS) via Link Effects Widget
PowerPack Lite for Beaver Builder Cross-Site Scripting (XSS)
Premium Addons for Elementor DOM-Based Cross-Site Scripting (XSS)
prettyPhoto Cross-Site Scripting (XSS) via url Parameter
Prime Slider – Addons For Elementor Cross-Site Scripting (XSS) via Pacific Widget
Print My Blog Cross-Site Scripting (XSS)
Progress Planner Cross-Site Scripting (XSS)
PropertyHive Cross-Site Scripting (XSS)
Qi Addons For Elementor Cross-Site Scripting (XSS) via Button Widget
Qi Blocks Cross-Site Scripting (XSS)
Recurring PayPal Donations Cross-Site Scripting (XSS)
Responsive Theme Cross-Site Scripting (XSS)
Responsive video embed Cross-Site Scripting (XSS)
Restaurant Menu – Food Ordering System – Table Reservation Cross-Site Scripting (XSS) via Shortcode
Restaurant Reservations Cross-Site Scripting (XSS)
RestroPress Cross-Site Scripting (XSS)
Rife Free Theme Cross-Site Scripting (XSS)
Robo Gallery Cross-Site Scripting (XSS) via Image Title
Rotating Tweets Cross-Site Scripting (XSS) via Shortcode
Royal Elementor Addons Cross-Site Scripting (XSS)
Royal Elementor Addons Cross-Site Scripting (XSS)
Royal Elementor Addons Cross-Site Scripting (XSS) via SVG Uploads
Sassy Social Share Cross-Site Scripting (XSS)
Save as PDF plugin by Pdfcrowd Cross-Site Scripting (XSS)
Scylla lite Theme Cross-Site Scripting (XSS) via Button Shortcode
SellKit Cross-Site Scripting (XSS) via id Parameter
Sensei Pro (WC Paid Courses) Cross-Site Scripting (XSS)
SEOPress Cross-Site Scripting (XSS)
SEOPress Cross-Site Scripting (XSS)
Serious Slider Cross-Site Scripting (XSS)
Shariff Cross-Site Scripting (XSS) via Shortcode
ShopLentor Cross-Site Scripting (XSS) via WL Product Horizontal Filter Widget
Shortcode Addons Cross-Site Scripting (XSS)
Shortcodes by United Themes Cross-Site Scripting (XSS)
Shortcodes Ultimate Cross-Site Scripting (XSS) via su_lightbox Shortcode
Silesia Theme Cross-Site Scripting (XSS) via Button Shortcode
Simple Ajax Chat Cross-Site Scripting (XSS)
Simple Image Popup Shortcode Cross-Site Scripting (XSS) via Shortcode
Simple Photoswipe Cross-Site Scripting (XSS)
Sina Extension for Elementor Cross-Site Scripting (XSS)
Sina Extension for Elementor DOM-Based Cross-Site Scripting (XSS)
Sinatra Theme Cross-Site Scripting (XSS)
SiteOrigin Widgets Bundle Cross-Site Scripting (XSS)
Sketchfab Embed Cross-Site Scripting (XSS)
SKT Addons for Elementor Cross-Site Scripting (XSS)
Slider Revolution Cross-Site Scripting (XSS)
Slideshow SE Cross-Site Scripting (XSS)
Social Link Pages Missing Authorization (BAC) to Arbitrary Page Creation (BAC) and Cross-Site Scripting (XSS)
Social Rocket Cross-Site Scripting (XSS)
Spotify Play Button Cross-Site Scripting (XSS)
Stackable – Page Builder Gutenberg Blocks DOM-Based Cross-Site Scripting (XSS)
Stellissimo Text Box Cross-Site Scripting (XSS)
Stratum Cross-Site Scripting (XSS) via Countdown Widget
Striking Theme Cross-Site Scripting (XSS)
Supreme Modules Lite Cross-Site Scripting (XSS)
SureTriggers Cross-Site Scripting (XSS) via Trigger Link Shortcode
Table Addons for Elementor Cross-Site Scripting (XSS)
Tabs Cross-Site Scripting (XSS)
tagDiv Composer Cross-Site Scripting (XSS) via button Shortcode
Tainacan Cross-Site Scripting (XSS)
TemplatesNext OnePager Cross-Site Scripting (XSS)
Testimonial Carousel For Elementor Cross-Site Scripting (XSS)
The7 Theme Cross-Site Scripting (XSS) via url Attribute
Themesflat Addons For Elementor Cross-Site Scripting (XSS)
The Plus Addons for Elementor Page Builder Lite Cross-Site Scripting (XSS)
The Plus Addons for Elementor Page Builder Lite Cross-Site Scripting (XSS)
The Plus Addons for Elementor Pro Cross-Site Scripting (XSS)
The Post Grid Cross-Site Scripting (XSS)
Theron Lite Theme Cross-Site Scripting (XSS) via Button Shortcode
The Ultimate WordPress Toolkit – WP Extended Cross-Site Scripting (XSS)
Tooltip CK Cross-Site Scripting (XSS)
Transition Slider – Responsive Image Slider and Gallery Cross-Site Scripting (XSS)
Typing Text Cross-Site Scripting (XSS)
Ultimate Blocks – Gutenberg Blocks Plugin Cross-Site Scripting (XSS)
Ultimate Custom Add To Cart Button (Ajax) For WooCommerce by Binary Carpenter Broken Access Control (BAC) to Cross-Site Scripting (XSS)
Ultimate Post Kit – Addons For Elementor Cross-Site Scripting (XSS) via Social Count (Static) Widget
Uncanny Toolkit Pro for LearnDash Cross-Site Scripting (XSS)
Video Widget Cross-Site Scripting (XSS) via Widget
Visual Composer Website Builder Cross-Site Scripting (XSS)
WC Marketplace Cross-Site Scripting (XSS) via hover_animation Parameter
Weather Widget Pro Cross-Site Scripting (XSS)
Weaver Xtreme Theme Support Cross-Site Scripting (XSS) via div Shortcode
WebP & SVG Support Cross-Site Scripting (XSS) via SVG
Widget Bundle Unauthenticated Cross-Site Scripting (XSS)
Widget Bundle Cross-Site Scripting (XSS)
WidgetKit Cross-Site Scripting (XSS)
WishList Member X Unautenticated Plugin Settings Change Leading to Cross-Site Scripting (XSS)
Wonder PDF Embed Cross-Site Scripting (XSS)
WooCommerce Cross-Site Scripting (XSS)
Woody ad snippets Cross-Site Scripting (XSS)
WordPress Core Cross-Site Scripting (XSS) via HTML API
WordPress Core Cross-Site Scripting (XSS) via template-part
WP Chat App Cross-Site Scripting (XSS)
WP Cookie Notice for GDPR, CCPA & ePrivacy Consent Unauthenticated Cross-Site Scripting (XSS) via Client-IP header
wpDiscuz Cross-Site Scripting (XSS)
WP Docs Cross-Site Scripting (XSS)
WP Docs Cross-Site Scripting (XSS)
WP eMember Cross-Site Scripting (XSS)
WP Flow Plus Cross-Site Scripting (XSS)
WP Google Maps Cross-Site Scripting (XSS)
WP Google Maps Cross-Site Scripting (XSS)
WP Job Portal Cross-Site Scripting (XSS)
WP Job Portal Cross-Site Scripting (XSS)
WP jQuery Lightbox Cross-Site Scripting (XSS) via title Attribute
WP-Lister Lite for Amazon Cross-Site Scripting (XSS)
WP Logs Book Unauthenticated Cross-Site Scripting (XSS)
WPMobile.App Cross-Site Scripting (XSS)
WP Mobile Menu Cross-Site Scripting (XSS) via Image Alt
WP Photo Album Plus Cross-Site Scripting (XSS)
WPPizza Cross-Site Scripting (XSS)
WP Post Author Cross-Site Scripting (XSS)
WP Secure Maintenance Cross-Site Scripting (XSS)
WP SVG images Cross-Site Scripting (XSS) via SVG
WP Time Slots Booking Form Cross-Site Scripting (XSS)
WP Visitors Tracker Cross-Site Scripting (XSS)
WPvivid Backup for MainWP Cross-Site Scripting (XSS)
WPZOOM Addons for Elementor (Templates, Widgets) Cross-Site Scripting (XSS)
YITH Custom Login Cross-Site Scripting (XSS)
YITH WooCommerce Tab Manager Cross-Site Scripting (XSS)
WordPress Cross-Site Scripting (XSS) reported in 2023: 2928
WordPress Cross-Site Scripting (XSS) reported in 2024: 1646
WHO needs tailored WP Maintenance? EVERYBODY!

Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Scripting Patch Management.

Security is not a single-task job

Need tailored WP Security and got no clue where to start? Hire an expert. Pay a coffee per week or figure it out yourself.

Not sure that our recurrent security offer is worthy of long-term consideration? Contact us today for a Cross-Site Scripting audit! Decide after you compare RISK + IMPACT versus COST.

Related Posts

owlpower.eu
owlpower.eu
owlpower.eu