WP XSS MAY 2025
WP Cross-Site Scripting
Managed WP & Woo Security Report
Be informed about the latest WP Cross-Site Scripting, identified and reported publicly. WP XSS MAY 2025 is a +68% INCREASE, compared to previous month. Consider for your online safety, a managed WP/Woo security AUDIT, – OR – switching with a TOP10LIST alternative WP Security Plugin – OR – Hire us for your recurrent needs of managed WordPress Security and managed WooCommerce Security.
WHO needs managed WP security? EVERYBODY!
Today's reality needs a Web Application Firewall (WAF) plus an Intrusion Prevention System (IPS) to mitigate "gazillion" different threats in your WordPress. Get your WP Cross-Site Scripting Patch Management.
The following cases made headlines PUBLICLY just last month in the WP XSS MAY 2025 & WP Cross-Site Scripting category:
| 1 Decembrie 1918 | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| 360 View | Cross-Site Scripting (XSS) |
| 5sterrenspecialist | Cross-Site Scripting (XSS) |
| AAWP Obfuscator | Cross-Site Scripting (XSS) |
| AB Google Map Travel | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ABA PayWay Payment Gateway for WooCommerce | Cross-Site Scripting (XSS) |
| ABC Notation | Cross-Site Scripting (XSS) |
| Able Player | Cross-Site Scripting (XSS) |
| Access Areas | Cross-Site Scripting (XSS) |
| ACF: Google Font Selector | Cross-Site Scripting (XSS) |
| ActiveCampaign | Cross-Site Scripting (XSS) |
| Activity Reactions For Buddypress | Cross-Site Scripting (XSS) |
| Add Google +1 (Plus one) social share Button | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Add to Header | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Additional Custom Product Tabs for WooCommerce | Cross-Site Scripting (XSS) |
| Admin Menu Post List | Cross-Site Scripting (XSS) |
| Administrator Z | Cross-Site Scripting (XSS) |
| AdminQuickbar | Cross-Site Scripting (XSS) |
| Advance WP Query Search Filter | Cross-Site Scripting (XSS) |
| Advanced Accordion Gutenberg Block | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Advanced Custom Fields: Link Picker Field | Cross-Site Scripting (XSS) |
| Advanced Form Integration | Cross-Site Scripting (XSS) |
| Advanced lazy load | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Advanced Search by My Solr Server | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Advanced Tag Lists | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Advanced Typekit | Cross-Site Scripting (XSS) |
| Advanced Woo Labels | Cross-Site Scripting (XSS) |
| AF Tell a Friend | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Affiliate Links Lite | Cross-Site Scripting (XSS) |
| AI Content Pipelines | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| AI Search Bar | Cross-Site Scripting (XSS) |
| Ajax Comment Form CST | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| ALD Login Page | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Amazon Showcase WordPress Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Anything Popup | Cross-Site Scripting (XSS) |
| Arconix FAQ | Cross-Site Scripting (XSS) |
| Aria Font | Cross-Site Scripting (XSS) |
| Arigato Autoresponder and Newsletter | Cross-Site Scripting (XSS) |
| Arkhe Theme Blocks | Cross-Site Scripting (XSS) |
| Arrow Custom Feed for Twitter | Cross-Site Scripting (XSS) |
| Asgaros Forum | Cross-Site Scripting (XSS) |
| AT Internet SmartTag | Cross-Site Scripting (XSS) |
| AtomChat | Cross-Site Scripting (XSS) |
| Attendance Manager | Cross-Site Scripting (XSS) |
| Author Bio Shortcode | Cross-Site Scripting (XSS) |
| Author Box After Posts | Cross-Site Scripting (XSS) |
| Author WIP Progress Bar | Cross-Site Scripting (XSS) |
| Auto scroll for reading | Cross-Site Scripting (XSS) |
| Automatic Ban IP | Cross-Site Scripting (XSS) |
| Awesome Event Booking | Cross-Site Scripting (XSS) |
| Awesome Logos | Cross-Site Scripting (XSS) |
| Awesome Wp Image Gallery | Cross-Site Scripting (XSS) |
| AWSA Shipping | Cross-Site Scripting (XSS) |
| B Blocks | Cross-Site Scripting (XSS) |
| BBCode Deluxe | Cross-Site Scripting (XSS) |
| bbPress2 shortcode whitelist | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Beam me up Scotty – Back to Top Button | Cross-Site Scripting (XSS) |
| Beds24 Online Booking | Cross-Site Scripting (XSS) |
| Best Posts Summary | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Betheme Theme | Cross-Site Scripting (XSS) |
| Big Boom Directory | Cross-Site Scripting (XSS) |
| Bit Form – Contact Form Plugin | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Black Widgets For Elementor | Cross-Site Scripting (XSS) |
| BlockWheels | Cross-Site Scripting (XSS) |
| Blog Manager WP | Cross-Site Scripting (XSS) |
| Blubrry PowerPress Podcasting plugin MultiSite add-on | Cross-Site Scripting (XSS) |
| Boo Recipes | Cross-Site Scripting (XSS) |
| Booster for WooCommerce | Unauthenticated Cross-Site Scripting (XSS) |
| Booster for WooCommerce | Unauthenticated Cross-Site Scripting (XSS) |
| Booster Plus for WooCommerce | Cross-Site Scripting (XSS) |
| Botnet Attack Blocker | Cross-Site Scripting (XSS) |
| BP Social Connect | Cross-Site Scripting (XSS) |
| Breaking News WP | Cross-Site Scripting (XSS) |
| Breeze Display | Cross-Site Scripting (XSS) from cal_size Parameter |
| Bridge Core | Cross-Site Scripting (XSS) |
| Brizy | Cross-Site Scripting (XSS) |
| Broadstreet | Cross-Site Scripting (XSS) |
| Broken Links Remover | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| BruteGuard – Brute Force Login Protection | Cross-Site Scripting (XSS) |
| BuddyPress Members Only | Cross-Site Scripting (XSS) |
| Bulk Theme NoIndex & NoFollow Toolkit | Cross-Site Scripting (XSS) |
| Bulk Theme Page Stub Creator | Cross-Site Scripting (XSS) |
| Business Contact Widget | Cross-Site Scripting (XSS) |
| BWD Elementor Addons | Cross-Site Scripting (XSS) |
| byBrick Accordion | Cross-Site Scripting (XSS) |
| C9 Blocks | Cross-Site Scripting (XSS) |
| Cache control by Cacholong | Cross-Site Scripting (XSS) |
| Cal.com | Cross-Site Scripting (XSS) |
| Calculated Fields Form | Cross-Site Scripting (XSS) |
| Calculated Fields Form | Cross-Site Scripting (XSS) |
| Call Now PHT Blog | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Canonical Attachments | Cross-Site Scripting (XSS) |
| Carousel-of-post-images | Cross-Site Scripting (XSS) |
| Cart66 Cloud | Cross-Site Scripting (XSS) |
| Category Posts Widget | Cross-Site Scripting (XSS) |
| CF7 Spreadsheets | Cross-Site Scripting (XSS) |
| CG Scroll To Top | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| CGM Event Calendar | Cross-Site Scripting (XSS) |
| Chamber Dashboard Business Directory | Cross-Site Scripting (XSS) |
| Chat2 | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| CheckBot | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Checklist | Cross-Site Scripting (XSS) |
| Checkout Files Upload for WooCommerce | Cross-Site Scripting (XSS) |
| Checkout for PayPal | Cross-Site Scripting (XSS) |
| ChillPay WooCommerce | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Church Admin | Cross-Site Scripting (XSS) |
| Client Showcase | Cross-Site Scripting (XSS) |
| Clinked Client Portal | Cross-Site Scripting (XSS) |
| CM Header and Footer | Cross-Site Scripting (XSS) |
| Codescar Radio Widget | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Colibri Page Builder | Cross-Site Scripting (XSS) |
| Coming Soon Countdown | Cross-Site Scripting (XSS) |
| Comment Validation Reloaded | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Confirm User Registration | Cross-Site Scripting (XSS) |
| Connector to CiviCRM with CiviMcRestFace | Cross-Site Scripting (XSS) |
| Contact Form & SMTP Plugin | Cross-Site Scripting (XSS) |
| Contact Form 7 Calendar | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Contact Form Builder by vcita | Cross-Site Scripting (XSS) |
| Contact Form by Supsystic | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) from saveAsCopy AJAX Action |
| Contact Form vCard Generator | Cross-Site Scripting (XSS) |
| Contact Form vCard Generator | Cross-Site Scripting (XSS) |
| Contempo Real Estate Core | Cross-Site Scripting (XSS) from Shortcode |
| Content Manager Light | Cross-Site Scripting (XSS) |
| ContentBot AI Writer | Cross-Site Scripting (XSS) |
| Control Listings | Cross-Site Scripting (XSS) |
| cookieBAR | Cross-Site Scripting (XSS) |
| CookieHint WP | Cross-Site Scripting (XSS) |
| Cool Flipbox – Shortcode & Gutenberg Block | Cross-Site Scripting (XSS) |
| Cost Calculator Builder | Cross-Site Scripting (XSS) |
| Coupon Affiliates | Cross-Site Scripting (XSS) from 'commission_summary' Parameter |
| CoverManager | Cross-Site Scripting (XSS) |
| COVID-19 (Coronavirus) Update Your Customers | Cross-Site Scripting (XSS) |
| Credova_Financial | Cross-Site Scripting (XSS) |
| CRM Perks | Cross-Site Scripting (XSS) |
| Crowdfunding for WooCommerce | Cross-Site Scripting (XSS) |
| Custom Admin-Bar Favorites | Cross-Site Scripting (XSS) |
| Custom Content Scrollbar | Cross-Site Scripting (XSS) |
| Custom Database Applications by Caspio | Cross-Site Scripting (XSS) |
| Custom Functions Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Custom Posts Order | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Custom Related Posts | Cross-Site Scripting (XSS) |
| Custom Smilies | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Czater.pl – live chat i telefon | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Dashboard Notepads | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| DeBounce Email Validator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Debug Log Manager | Cross-Site Scripting (XSS) |
| Delete Post Revision | Cross-Site Scripting (XSS) |
| Deliver from Shipos for WooCommerce | Cross-Site Scripting (XSS) |
| Design Blocks | Cross-Site Scripting (XSS) |
| Digihood HTML Sitemap | Cross-Site Scripting (XSS) |
| Dima Take Action | Cross-Site Scripting (XSS) |
| Directorist AddonsKit for Elementor | Cross-Site Scripting (XSS) |
| DN Shipping by Weight for WooCommerce | Cross-Site Scripting (XSS) |
| DobsonDev Shortcodes | Cross-Site Scripting (XSS) |
| Document Management System | Cross-Site Scripting (XSS) |
| Donate Me | Cross-Site Scripting (XSS) |
| Doppler Forms | Cross-Site Scripting (XSS) |
| Doppler Forms | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Download Manager | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Drop Caps | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Dropdown Content | Cross-Site Scripting (XSS) |
| DSGVO Youtube | Cross-Site Scripting (XSS) |
| Easy Contact | Cross-Site Scripting (XSS) |
| Easy Custom CSS | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Easy Magazine | Cross-Site Scripting (XSS) |
| Easy Post Duplicator | Cross-Site Scripting (XSS) |
| Ebook Downloader | Cross-Site Scripting (XSS) |
| Ebook Downloader | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Ecwid Shopping Cart | Cross-Site Scripting (XSS) |
| eForm - WordPress Form Builder | Unauthenticated Cross-Site Scripting (XSS) |
| Element Pack Elementor Addons | DOM-Based Cross-Site Scripting (XSS) |
| Element Pack Elementor Addons | Cross-Site Scripting (XSS) |
| Elements kit Elementor addons | Cross-Site Scripting (XSS) |
| Elfsight Testimonials Slider | Cross-Site Scripting (XSS) |
| Email Subscribers & Newsletters | Cross-Site Scripting (XSS) in Template |
| Email Subscribers & Newsletters | Cross-Site Scripting (XSS) |
| Embed Chessboard | Cross-Site Scripting (XSS) |
| Emma for WordPress | Cross-Site Scripting (XSS) |
| Enable Media Replace | Cross-Site Scripting (XSS) |
| Enhanced Paypal Shortcodes | Cross-Site Scripting (XSS) |
| ePaper Lister for Yumpu | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Epeken All Kurir | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Essential Addons for Elementor | Cross-Site Scripting (XSS) |
| Ethiopian Calendar | Cross-Site Scripting (XSS) |
| Event post | Cross-Site Scripting (XSS) |
| Eventbee RSVP Widget | Cross-Site Scripting (XSS) |
| Everest Forms | Cross-Site Scripting (XSS) |
| Exit Popup Free | Cross-Site Scripting (XSS) |
| Extensions for Elementor | Cross-Site Scripting (XSS) |
| External Markdown | Cross-Site Scripting (XSS) |
| ez Form Calculator - WordPress plugin | Cross-Site Scripting (XSS) |
| Fable Extra | Cross-Site Scripting (XSS) |
| FancyPost | Cross-Site Scripting (XSS) |
| Fazyvo Theme | Cross-Site Scripting (XSS) |
| Feedify – Web Push Notifications | Cross-Site Scripting (XSS) |
| FireDrum Email Marketing | Cross-Site Scripting (XSS) |
| Flag Icons | Cross-Site Scripting (XSS) |
| Flags Widget | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Flickr Photostream | Cross-Site Scripting (XSS) |
| Floating Social Bar | Cross-Site Scripting (XSS) |
| FluentForm | Cross-Site Scripting (XSS) |
| Foliopress WYSIWYG | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Follow Us Badges | Cross-Site Scripting (XSS) |
| Fonts Manager | Custom Fonts | Cross-Site Scripting (XSS) |
| FooBox Image Lightbox | Cross-Site Scripting (XSS) |
| Footnotes for WordPress | Cross-Site Scripting (XSS) |
| Form Maker by 10Web | Cross-Site Scripting (XSS) |
| Forminator | Cross-Site Scripting (XSS) from 'limit' |
| FraudLabs Pro for WooCommerce | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| FrescoChat Live Chat | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Frizzly | Cross-Site Scripting (XSS) |
| Front End Users | Cross-Site Scripting (XSS) |
| FS Poster | Cross-Site Scripting (XSS) |
| FunnelCockpit | Cross-Site Scripting (XSS) |
| FuseDesk | Cross-Site Scripting (XSS) from successredirect Parameter |
| Fusion | Cross-Site Scripting (XSS) |
| Fusion Builder | Cross-Site Scripting (XSS) |
| Gallery – Photo Albums Plugin | Cross-Site Scripting (XSS) |
| GB Gallery Slideshow | Cross-Site Scripting (XSS) |
| Gift Certificate Creator | Cross-Site Scripting (XSS) from receip_address Parameter |
| Giveaways and Contests by RafflePress | Cross-Site Scripting (XSS) |
| Global Gallery | Cross-Site Scripting (XSS) |
| Glossy Blog Theme | Cross-Site Scripting (XSS) |
| GNA Search Shortcode | Cross-Site Scripting (XSS) |
| Google News | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Gosign – Posts Slider Block | Cross-Site Scripting (XSS) |
| Gravel Theme | Cross-Site Scripting (XSS) |
| Gravity Forms CSS Themes with Fontawesome and Placeholders | Cross-Site Scripting (XSS) |
| Groundhogg | Cross-Site Scripting (XSS) from label Parameter |
| GTDB Guitar Tuners | Cross-Site Scripting (XSS) |
| Gutena Kit – Gutenberg Blocks and Templates | Cross-Site Scripting (XSS) |
| Gutenify | Cross-Site Scripting (XSS) |
| GutenKit | Cross-Site Scripting (XSS) |
| Gutenverse | Cross-Site Scripting (XSS) from countdown Block |
| Hamburger Icon Menu Lite | Cross-Site Scripting (XSS) |
| Hive Support | Cross-Site Scripting (XSS) |
| Hive Support | Cross-Site Scripting (XSS) |
| HMH Footer Builder For Elementor | Cross-Site Scripting (XSS) |
| Home Services Theme | Cross-Site Scripting (XSS) |
| Hospital Management System | Cross-Site Scripting (XSS) |
| HTML Forms | Cross-Site Scripting (XSS) |
| HTML Forms | Cross-Site Scripting (XSS) |
| Html5 Audio Player | Cross-Site Scripting (XSS) |
| HTML5 Video Player with Playlist | Cross-Site Scripting (XSS) |
| Hyperlink Group Block | Cross-Site Scripting (XSS) |
| Hypotext | Cross-Site Scripting (XSS) |
| iCal Feeds | Cross-Site Scripting (XSS) |
| Icegram | Cross-Site Scripting (XSS) |
| Image Hover Effects For WPBakery Page Builder | Cross-Site Scripting (XSS) |
| Image Style Hover | Cross-Site Scripting (XSS) |
| IMPress for IDX Broker | Cross-Site Scripting (XSS) |
| Infusionsoft Web Form JavaScript | Cross-Site Scripting (XSS) |
| Inline Text Popup | Cross-Site Scripting (XSS) |
| Insert HTML Here | Cross-Site Scripting (XSS) |
| Interactive Geo Maps | Cross-Site Scripting (XSS) |
| Interactive US Map | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Internal Link Optimiser | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| iONE360 configurator | Cross-Site Scripting (XSS) |
| IP2Location Variables | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| IP2Location World Clock | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| JetBlocks For Elementor | Cross-Site Scripting (XSS) |
| JetBlog | Cross-Site Scripting (XSS) |
| JetElements For Elementor | Cross-Site Scripting (XSS) |
| JetEngine | Cross-Site Scripting (XSS) |
| JetProductGallery | Cross-Site Scripting (XSS) |
| JetSearch | Cross-Site Scripting (XSS) |
| JetSmartFilters | Cross-Site Scripting (XSS) |
| JetTabs | Cross-Site Scripting (XSS) |
| JSON Structuring Markup | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| KeyCAPTCHA | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| KiotViet Sync | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| LA-Studio Element Kit for Elementor | Cross-Site Scripting (XSS) |
| Landing pages and Domain aliases for WordPress | Cross-Site Scripting (XSS) |
| Language Field | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Latest Custom Post Type Updates | Cross-Site Scripting (XSS) |
| Leadfox for WordPress | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| LeadLab by wiredminds | Cross-Site Scripting (XSS) |
| LeadQuizzes | Cross-Site Scripting (XSS) |
| Leartes TRY Exchange Rates | Cross-Site Scripting (XSS) |
| Lexicata | Cross-Site Scripting (XSS) |
| Libro de Reclamaciones | Cross-Site Scripting (XSS) |
| Libro de Reclamaciones y Quejas | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| License For Envato | Cross-Site Scripting (XSS) |
| License Manager for WooCommerce | Cross-Site Scripting (XSS) |
| Lightweight and Responsive Youtube Embed | Cross-Site Scripting (XSS) |
| Lightweight and Responsive Youtube Embed | Cross-Site Scripting (XSS) |
| Limit Max IPs Per User | Cross-Site Scripting (XSS) |
| Link Library | Cross-Site Scripting (XSS) from Link Additional Parameters |
| Link Library | Cross-Site Scripting (XSS) |
| Link Shield | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| List Last Changes | Cross-Site Scripting (XSS) |
| Listings for Buildium | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Loan Calculator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Lock Your Updates | Cross-Site Scripting (XSS) |
| Login Manager | Cross-Site Scripting (XSS) from Custom URL |
| Logo Carousel Slider | Cross-Site Scripting (XSS) |
| Lottie Player block - Implement Lottie animations. | Cross-Site Scripting (XSS) from File Upload (BAC) |
| LSD Custom taxonomy and category meta | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| LuckyWP Table of Contents | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Mad Mimi for WordPress | Cross-Site Scripting (XSS) |
| Magical Blocks | Cross-Site Scripting (XSS) |
| Make Email Customizer for WooCommerce | Cross-Site Scripting (XSS) |
| Mang Board WP | Cross-Site Scripting (XSS) from Board Header And Footer |
| MapPress Maps for WordPress | Cross-Site Scripting (XSS) |
| MapPress Maps for WordPress | Cross-Site Scripting (XSS) |
| Maps for WP | Cross-Site Scripting (XSS) |
| MapSVG Lite | Cross-Site Scripting (XSS) |
| Marketer Addons | Cross-Site Scripting (XSS) |
| MaxButtons | Cross-Site Scripting (XSS) |
| Media Library Assistant | Cross-Site Scripting (XSS) |
| MediaView | Cross-Site Scripting (XSS) |
| Memberpress | Cross-Site Scripting (XSS) |
| Membership For WooCommerce | Cross-Site Scripting (XSS) |
| Mergado Pack | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| mFolio Lite | Cross-Site Scripting (XSS) |
| Milat jQuery Automatic Popup | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Mini twitter feed | Cross-Site Scripting (XSS) |
| Mixcloud Embed | Cross-Site Scripting (XSS) |
| MMX – Make Me Christmas | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Mobile Pages | Cross-Site Scripting (XSS) |
| Mobile Smart | Cross-Site Scripting (XSS) |
| Modal Survey | Cross-Site Scripting (XSS) |
| Modern Polls | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Modula Image Gallery | DOM-Based Cross-Site Scripting (XSS) from FancyBox JavaScript Library |
| More Mime Type Filters | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Most And Least Read Posts Widget | Cross-Site Scripting (XSS) |
| Motors | Cross-Site Scripting (XSS) |
| Motors | Cross-Site Scripting (XSS) |
| MPL-Publisher | Cross-Site Scripting (XSS) |
| MSRP (RRP) Pricing for WooCommerce | Cross-Site Scripting (XSS) |
| Multi-Column Taxonomy List | Cross-Site Scripting (XSS) |
| MultiMailer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| MultiMailer | Cross-Site Scripting (XSS) |
| Multiple Location Google Map | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Musician's Pack for Elementor | Cross-Site Scripting (XSS) |
| MX Time Zone Clocks | Cross-Site Scripting (XSS) |
| My Custom Widgets | Cross-Site Scripting (XSS) |
| My Marginalia | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| MyBookProgress by Stormhill Media | Cross-Site Scripting (XSS) |
| MyWorks WooCommerce Sync for QuickBooks Online | Cross-Site Scripting (XSS) |
| NanoSupport | Cross-Site Scripting (XSS) |
| Nav Menu Manager | Cross-Site Scripting (XSS) |
| Nemesis All-in-One | Cross-Site Scripting (XSS) |
| Nepali Date Converter | Cross-Site Scripting (XSS) |
| Nepali Date Utilities | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Nepali Post Date | Cross-Site Scripting (XSS) |
| News Element Elementor Blog Magazine | Cross-Site Scripting (XSS) |
| News Kit Elementor Addons | Cross-Site Scripting (XSS) |
| News, Magazine and Blog Elements | Cross-Site Scripting (XSS) |
| NewsBoard Post and RSS Scroller | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Ni WooCommerce Cost Of Goods | Cross-Site Scripting (XSS) |
| Nimbata Call Tracking | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Nino Social Connect | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Norse Rune Oracle Plugin | Cross-Site Scripting (XSS) |
| Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme | Cross-Site Scripting (XSS) |
| Nova Blocks by Pixelgrade | Cross-Site Scripting (XSS) |
| occupancyplan | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Ocean Extra | Cross-Site Scripting (XSS) from Shortcode |
| One Click Accessibility | Cross-Site Scripting (XSS) |
| Opal Portfolio | Cross-Site Scripting (XSS) |
| OpenMenu | Cross-Site Scripting (XSS) |
| Oppso Unit Converter | Cross-Site Scripting (XSS) |
| Oracle Cards Lite | Cross-Site Scripting (XSS) |
| OSM – OpenStreetMap | Cross-Site Scripting (XSS) |
| Pages Order | Cross-Site Scripting (XSS) |
| Pagopar – WooCommerce Gateway | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Payment Form for PayPal Pro | Cross-Site Scripting (XSS) |
| Payment Forms for Paystack | Cross-Site Scripting (XSS) |
| PDF Generator Addon for Elementor Page Builder | Cross-Site Scripting (XSS) |
| Peadig’s Google +1 Button | Cross-Site Scripting (XSS) |
| Peekaboo | Cross-Site Scripting (XSS) |
| PeproDev CF7 Database | Cross-Site Scripting (XSS) |
| Perfect Font Awesome Integration | Cross-Site Scripting (XSS) |
| Photo Gallery by 10Web | Unauthenticated Cross-Site Scripting (XSS) |
| Photo Gallery by 10Web | Cross-Site Scripting (XSS) from 'image_id' Parameter |
| Photobox Theme | Cross-Site Scripting (XSS) |
| PhotoShelter for Photographers Blog Feed Plugin | Cross-Site Scripting (XSS) |
| Piotnet Addons For Elementor | Cross-Site Scripting (XSS) |
| Piotnet Forms | Cross-Site Scripting (XSS) |
| Piotnet Forms | Cross-Site Scripting (XSS) |
| PlainInventory | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Planyo online reservation system | Cross-Site Scripting (XSS) |
| Plugin Oficial – Getnet para WooCommerce | Cross-Site Scripting (XSS) |
| Plugin Upgrade Time Out | Cross-Site Scripting (XSS) from Cross-Site Request Forgery (CSRF) |
| Popping Content Light | Cross-Site Scripting (XSS) |
| Post Custom Templates Lite | Cross-Site Scripting (XSS) |
| Post in page for Elementor | Cross-Site Scripting (XSS) |
| Posten | Cross-Site Scripting (XSS) |
| PostmarkApp Email Integrator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Posts Footer Manager | Cross-Site Scripting (XSS) |
| Posts for Page | Cross-Site Scripting (XSS) |
| PowerPack Addons for Elementor | Cross-Site Scripting (XSS) |
| PowerPress Podcasting | Cross-Site Scripting (XSS) |
| PowerPress Podcasting | Cross-Site Scripting (XSS) from Podcast URL |
| Print Science Designer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Processing Projects | Cross-Site Scripting (XSS) |
| Product Excel Import Export & Bulk Theme Edit for WooCommerce | Cross-Site Scripting (XSS) |
| Product Table by WBW | Cross-Site Scripting (XSS) |
| Profile Builder | Cross-Site Scripting (XSS) from Shortcode |
| PropertyHive | Cross-Site Scripting (XSS) |
| QR Master | Cross-Site Scripting (XSS) |
| Quantity Dynamic Pricing & Bulk Theme Discounts for WooCommerce | Cross-Site Scripting (XSS) |
| Question Answer | Cross-Site Scripting (XSS) |
| RAphicon | Cross-Site Scripting (XSS) |
| Raptive Ads | Cross-Site Scripting (XSS) |
| Real Testimonials | Cross-Site Scripting (XSS) |
| Redirect wordpress to welcome or landing page | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| RegistrationMagic | Cross-Site Scripting (XSS) |
| Related Posts from Taxonomies | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Related Posts Widget with Thumbnails | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Related Videos for JW Player | Cross-Site Scripting (XSS) |
| RentSyst | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Request Call Back | Cross-Site Scripting (XSS) |
| Rescue Shortcodes | Cross-Site Scripting (XSS) |
| Responsive Blocks | Cross-Site Scripting (XSS) |
| Responsive Slider by MetaSlider | Cross-Site Scripting (XSS) |
| Restrict User Registration | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| RestroPress | Cross-Site Scripting (XSS) |
| Revamp CRM for WooCommerce | Cross-Site Scripting (XSS) |
| REVE Chat | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Review Stream | Cross-Site Scripting (XSS) |
| Revision Diet | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Rezo Theme | Cross-Site Scripting (XSS) |
| Rich Text Editor | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Right Click Disable OR Ban | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Rio Video Gallery | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Royal Elementor Addons | Cross-Site Scripting (XSS) |
| Royal Elementor Addons | DOM-Based Cross-Site Scripting (XSS) |
| RRSSB | Cross-Site Scripting (XSS) |
| RS Elements Elementor Addon | Cross-Site Scripting (XSS) |
| RSS Manager | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Run Contests, Raffles, and Giveaways with ContestsWP | Cross-Site Scripting (XSS) |
| Run Contests, Raffles, and Giveaways with ContestsWP | Cross-Site Scripting (XSS) |
| SB Chart block | Cross-Site Scripting (XSS) from className Parameter |
| Scheduled | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Script Compressor | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Scriptless Social Sharing | Cross-Site Scripting (XSS) |
| Search engine keywords highlighter | Cross-Site Scripting (XSS) |
| Search, Filters & Merchandising for WooCommerce | Cross-Site Scripting (XSS) |
| Secure Copy Content Protection and Content Locking | Cross-Site Scripting (XSS) |
| Secure Copy Content Protection and Content Locking | Cross-Site Scripting (XSS) |
| Send E-mail | Cross-Site Scripting (XSS) |
| Send From | Cross-Site Scripting (XSS) |
| SEO Tools | Cross-Site Scripting (XSS) |
| SEO, Nutrition and Print for Recipes by Edamam | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Sequel | Cross-Site Scripting (XSS) |
| Seriously Simple Podcasting | Cross-Site Scripting (XSS) |
| SERPed.net | Cross-Site Scripting (XSS) |
| Sheet2Site | Cross-Site Scripting (XSS) |
| SheetDB | Cross-Site Scripting (XSS) |
| ShopCred | Cross-Site Scripting (XSS) |
| Shopo Theme | Cross-Site Scripting (XSS) |
| Showeblogin Social | Cross-Site Scripting (XSS) |
| Sidebar Manager Light | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Silvasoft boekhouden | Cross-Site Scripting (XSS) |
| Simple Banner | Cross-Site Scripting (XSS) |
| Simple Contact Forms | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Simple Download Counter | Cross-Site Scripting (XSS) |
| Simple Map No Api | Cross-Site Scripting (XSS) |
| Simple Maps | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Simple Owl Carousel | Cross-Site Scripting (XSS) |
| Simple Post Expiration | Cross-Site Scripting (XSS) |
| Simple Post Meta Manager | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Simple Social Media Share Buttons | Cross-Site Scripting (XSS) |
| Simple Social Media Share Buttons | Cross-Site Scripting (XSS) |
| Simple Spoiler | Cross-Site Scripting (XSS) |
| Simple WP Events | Cross-Site Scripting (XSS) |
| Simple-Audioplayer | Cross-Site Scripting (XSS) |
| Simplish Theme | Cross-Site Scripting (XSS) |
| SimpLy Gallery | Cross-Site Scripting (XSS) |
| SimplyRETS Real Estate IDX | Cross-Site Scripting (XSS) |
| Sirv | Cross-Site Scripting (XSS) |
| Site Search 360 | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Site Table of Contents | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| SKT Blocks | Cross-Site Scripting (XSS) |
| SKT Blocks | Cross-Site Scripting (XSS) |
| SKT Blocks | Cross-Site Scripting (XSS) |
| SKT Skill Bar | Cross-Site Scripting (XSS) |
| Sky Addons for Elementor | Cross-Site Scripting (XSS) |
| Slide Theme | Cross-Site Scripting (XSS) |
| Small Package Quotes – Worldwide Express Edition | Cross-Site Scripting (XSS) |
| Smart Icons For WordPress | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Smart Maintenance Mode | Cross-Site Scripting (XSS) |
| Smart Product Gallery Slider | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Smartarget Popup | Cross-Site Scripting (XSS) |
| SMM API | Cross-Site Scripting (XSS) |
| SMTP for Amazon SES | Unauthenticated Cross-Site Scripting (XSS) from Email Logs |
| SnapWidget Social Photo Feed Widget | Cross-Site Scripting (XSS) |
| Snow Storm | Cross-Site Scripting (XSS) |
| Social Bookmarking RELOADED | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social Crowd | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social Intents | Cross-Site Scripting (XSS) |
| Social Media Links | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Social Share And Social Locker | Cross-Site Scripting (XSS) |
| Social Slider Feed | Cross-Site Scripting (XSS) |
| SpaBiz Theme | Cross-Site Scripting (XSS) |
| spam-stopper | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Spark GF Failed Submissions | Cross-Site Scripting (XSS) |
| Spider Elements – Addons for Elementor | Cross-Site Scripting (XSS) |
| Split Test For Elementor | Cross-Site Scripting (XSS) |
| Spoiler Block | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Sprout Clients | Cross-Site Scripting (XSS) |
| Stop Registration Spam | Cross-Site Scripting (XSS) |
| Subscription Form for Feedblitz | Cross-Site Scripting (XSS) |
| Support Helpdesk Ticket System Lite | Cross-Site Scripting (XSS) |
| SurveyJS | Cross-Site Scripting (XSS) |
| Table Block by Tableberg | Cross-Site Scripting (XSS) |
| Tabs | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Tainá Theme | Cross-Site Scripting (XSS) |
| Task Scheduler | Cross-Site Scripting (XSS) |
| Tax Switch for WooCommerce | Cross-Site Scripting (XSS) |
| TaxoPress | Cross-Site Scripting (XSS) |
| Tayori Form | Cross-Site Scripting (XSS) |
| Team Builder | Cross-Site Scripting (XSS) |
| Team Members for Elementor Page Builder | Cross-Site Scripting (XSS) |
| Team Rosters | Cross-Site Scripting (XSS) |
| Terminal Africa | Cross-Site Scripting (XSS) |
| Terms Before Download | Cross-Site Scripting (XSS) |
| Textmetrics | Cross-Site Scripting (XSS) |
| The Logo Slider | Cross-Site Scripting (XSS) |
| The Pack Elementor addons | Cross-Site Scripting (XSS) |
| The World | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Theme Switcha | Cross-Site Scripting (XSS) |
| Themesflat Addons For Elementor | Cross-Site Scripting (XSS) |
| Themesflat Addons For Elementor | Cross-Site Scripting (XSS) |
| Themify Edmin Theme | Cross-Site Scripting (XSS) |
| Themify Folo Theme | Cross-Site Scripting (XSS) |
| Themify Newsy Theme | Cross-Site Scripting (XSS) |
| Themify Shortcodes | Cross-Site Scripting (XSS) |
| Themify Sidepane WordPress Theme | Cross-Site Scripting (XSS) |
| Tiger Theme | Cross-Site Scripting (XSS) |
| Tiger Theme | Cross-Site Scripting (XSS) |
| Time Based Greeting | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Timeline Event History | Cross-Site Scripting (XSS) |
| Tockify Events Calendar | Cross-Site Scripting (XSS) |
| Tooltip | Cross-Site Scripting (XSS) |
| Tourmaster | Cross-Site Scripting (XSS) |
| Tournamatch | Cross-Site Scripting (XSS) |
| Trackserver | Cross-Site Scripting (XSS) |
| translit it! | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Travelfic Toolkit | Cross-Site Scripting (XSS) |
| Turbo Addons for Elementor | Cross-Site Scripting (XSS) |
| Turisbook Booking System | Cross-Site Scripting (XSS) |
| Twice Commerce | Cross-Site Scripting (XSS) |
| Twispay Credit Card Payments | Cross-Site Scripting (XSS) |
| Twitter Card Generator | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| UiCore Elements | Cross-Site Scripting (XSS) from Multiple Widgets |
| Uix Shortcodes | Cross-Site Scripting (XSS) |
| Ultimate Dashboard | Cross-Site Scripting (XSS) |
| Ultimate Live Cricket WordPress Lite | Cross-Site Scripting (XSS) |
| Ultimate Push Notifications | Cross-Site Scripting (XSS) |
| Ultimate Store Kit Elementor Addons | Cross-Site Scripting (XSS) |
| Ultra Addons Lite for Elementor | Cross-Site Scripting (XSS) |
| Uncanny Toolkit for LearnDash | Cross-Site Scripting (XSS) |
| Unlimited Elements For Elementor (Free Widgets, Addons, Templates) | Cross-Site Scripting (XSS) |
| Unsafe Mimetypes | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Uptime Robot Plugin for WordPress | Cross-Site Scripting (XSS) |
| URL Shortify | Cross-Site Scripting (XSS) |
| User Registration | Cross-Site Scripting (XSS) |
| User Session Synchronizer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| User Submitted Posts | Cross-Site Scripting (XSS) |
| UXsniff | Cross-Site Scripting (XSS) |
| Varnish WordPress | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Vasaio QR Code | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| VForm | Cross-Site Scripting (XSS) |
| VForm | Cross-Site Scripting (XSS) |
| Vice Versa | Cross-Site Scripting (XSS) |
| Video Playlist For YouTube | Cross-Site Scripting (XSS) |
| Video Url | Cross-Site Scripting (XSS) |
| Videos | Cross-Site Scripting (XSS) |
| VikRestaurants Table Reservations and Take-Away | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Visual Composer Website Builder | Cross-Site Scripting (XSS) |
| VK Filter Search | Cross-Site Scripting (XSS) |
| VKontakte Cross-Post | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Wallet System for WooCommerce | Cross-Site Scripting (XSS) |
| Watu Quiz | Cross-Site Scripting (XSS) |
| Waymark | Cross-Site Scripting (XSS) |
| WDesignkit | Cross-Site Scripting (XSS) |
| Web Directory Free | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Web Directory Free | Cross-Site Scripting (XSS) |
| Web2application | Cross-Site Scripting (XSS) |
| WebberZone Snippetz | Cross-Site Scripting (XSS) |
| WebinarPress | Cross-Site Scripting (XSS) |
| Webling | Cross-Site Scripting (XSS) |
| Welcome Bar | Cross-Site Scripting (XSS) |
| Welcome Popup | Cross-Site Scripting (XSS) |
| Wetterwarner | Cross-Site Scripting (XSS) |
| Widget for Social Page Feeds | Cross-Site Scripting (XSS) |
| Widget for Social Page Feeds | Cross-Site Scripting (XSS) |
| Widgetize Pages Light | Cross-Site Scripting (XSS) |
| Windows Live Writer | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| Wireless Butler Theme | Cross-Site Scripting (XSS) |
| WooCommerce – Payphone Gateway | Cross-Site Scripting (XSS) |
| WooCommerce – Store Exporter | Cross-Site Scripting (XSS) |
| WooCommerce Estimate and Quote | Cross-Site Scripting (XSS) |
| WooCommerce Sales MIS Report | Cross-Site Scripting (XSS) |
| WooCommerce TBC Credit Card Payment Gateway (Free) | Cross-Site Scripting (XSS) |
| WooMS | Cross-Site Scripting (XSS) |
| WooMS | Cross-Site Scripting (XSS) |
| WordPress Events Calendar Plugin – connectDaily | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WordPress Events Calendar Registration & Tickets | Cross-Site Scripting (XSS) |
| WordPress Galleria | Cross-Site Scripting (XSS) |
| WordPress Health and Server Condition – Integrated with Google Page Speed | Cross-Site Scripting (XSS) |
| WordPress Maps - Google Maps plugin | Cross-Site Scripting (XSS) |
| wordpress related Posts with thumbnails | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WordPress Spam Blocker | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WordPress Video Robot - The Ultimate Video Importer | Cross-Site Scripting (XSS) |
| Workbox Video from Vimeo & Youtube | Cross-Site Scripting (XSS) |
| WoWHead Tooltips | Cross-Site Scripting (XSS) |
| WP Abstracts | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP AdCenter | Cross-Site Scripting (XSS) |
| WP AutoKeyword | Cross-Site Scripting (XSS) |
| WP Bookmarks | Cross-Site Scripting (XSS) |
| WP Calais Auto Tagger | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Chrono | Cross-Site Scripting (XSS) |
| WP Cleaner | Cross-Site Scripting (XSS) |
| WP Cookie Consent | Cross-Site Scripting (XSS) |
| WP Copy Media URL | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Crowdfunding | Cross-Site Scripting (XSS) |
| Wp Custom CMS Block | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Custom Post Popup | Cross-Site Scripting (XSS) |
| WP Customize Login Page | Cross-Site Scripting (XSS) |
| WP Data Access | Cross-Site Scripting (XSS) |
| WP Date and Time Shortcode | Cross-Site Scripting (XSS) |
| WP Delete User Accounts | Cross-Site Scripting (XSS) |
| WP Donate | Cross-Site Scripting (XSS) |
| WP Easy Poll | Cross-Site Scripting (XSS) |
| WP Editor.md – The Perfect WordPress Markdown Editor | Cross-Site Scripting (XSS) |
| WP Featured Screenshot | Cross-Site Scripting (XSS) |
| WP Filter Post Category | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Flipclock | Cross-Site Scripting (XSS) |
| WP Hide Categories | Cross-Site Scripting (XSS) |
| WP Import Export Lite | DOM-Based Cross-Site Scripting (XSS) |
| WP Map Route Planner | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Modal Popup with Cookie Integration | Cross-Site Scripting (XSS) |
| WP Plugin Info Card | Cross-Site Scripting (XSS) |
| WP Post to PDF Enhanced | Cross-Site Scripting (XSS) |
| WP Posts Carousel | Cross-Site Scripting (XSS) |
| WP Profitshare | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Project Manager | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| WP Project Manager | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| WP Proposals | Cross-Site Scripting (XSS) |
| WP Quiz | Cross-Site Scripting (XSS) |
| wp secure | Cross-Site Scripting (XSS) |
| WP SexyLightBox | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Sitemap | Cross-Site Scripting (XSS) |
| WP Table Builder | Cross-Site Scripting (XSS) |
| wp Time Machine | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP Vegas | Cross-Site Scripting (XSS) |
| WP w3all phpBB | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP_Identicon | Cross-Site Scripting (XSS) |
| WP-BusinessDirectory | Cross-Site Scripting (XSS) |
| WP-Easy Menu | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP-Hijri | Cross-Site Scripting (XSS) |
| WP-Planification | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WP-Recall | Cross-Site Scripting (XSS) |
| WP-reCAPTCHA-bp | Cross-Site Scripting (XSS) |
| WPAdverts | Cross-Site Scripting (XSS) |
| WPAMS | Cross-Site Scripting (XSS) |
| WPCasa | Cross-Site Scripting (XSS) |
| WPoperation Elementor Addons | Cross-Site Scripting (XSS) |
| wProject Theme | Cross-Site Scripting (XSS) |
| WPSHARE247 Elementor Addons | Cross-Site Scripting (XSS) |
| Wptobe-signinup | Cross-Site Scripting (XSS) |
| WpZon – Amazon Affiliate Plugin | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WS Audio Player | Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) |
| WS Force Login Page | Cross-Site Scripting (XSS) |
| xili-language | Cross-Site Scripting (XSS) |
| Xpert Tab | Cross-Site Scripting (XSS) |
| Xpro Elementor Addons | Cross-Site Scripting (XSS) |
| XV Random Quotes | Cross-Site Scripting (XSS) |
| YaMaps for WordPress | Cross-Site Scripting (XSS) |
| YouTube Embed | Cross-Site Scripting (XSS) |
| Z Companion | Cross-Site Scripting (XSS) from SVG File Upload (BAC) |
| Zephyr Project Manager | Cross-Site Scripting (XSS) |
| Zoho Creator Forms | Cross-Site Scripting (XSS) |
| ZoomSounds | Cross-Site Scripting (XSS) from Shortcode |
| WordPress Cross-Site Scripting (XSS) reported in 2023: | 2928 |
| WordPress Cross-Site Scripting (XSS) reported in 2024: | 3806 |
| WordPress Cross-Site Scripting (XSS) reported in 2025: | 2911 |
WHO needs managed WP Maintenance? EVERYBODY!
Today’s reality requires daily clean-ups with database optimisations, weekly updates and upgrades for both free & premium modules, plus the occasional emergency changes when critical vulnerabilities are publicly disclosed without patches. Order WP Cross-Site Scripting Patch Management.
Security is not a single-task job
Need managed WP Security and got no clue where to start? Hire an expert. Pay a coffee per week, its cheaper than 1 hour for a freelancer.
Not sure that our recurrent security offer is worthy of long-term consideration? Contact us today for a Cross-Site Scripting audit! Decide after you compare RISK + IMPACT versus COST.
We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…
We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…
We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…
We’re passionate about helping you grow and make your impact Continue being informed Email (*double opt-in) Vulnerability reports (monthly) owlpower services (monthly) INSPIRATION (weekly) FEATURED (weekly) managed online business for you (tailored for niche needs) NEWS (weekly) Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes. Weekly inspiration, news and…
We’re passionate about helping you grow and make your impact
Continue being informed
Monthly vulnerability reports about WordPress and WooCommerce, plugins, themes.
Weekly inspiration, news and occasional with hand-picked deals. Unsubscribe anytime.
