WordPress Advanced Database Cleaner plugin <= 3.1.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by ZhongFu Su aka JrXnm WuHan University in WordPress Advanced Database Cleaner plugin versions = 3.1.0. Solution Update the WordPress Advanced Database Cleaner plugin to the latest available version at least 3.1.1...

WordPress Google XML Sitemaps plugin <= 4.1.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Google XML Sitemaps plugin versions = 4.1.2. Solution Update the WordPress Google XML Sitemaps plugin to the latest available version at least 4.1.3...

WordPress Ocean Extra plugin <= 1.9.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Ocean Extra plugin versions = 1.9.4. Solution Update the WordPress Ocean Extra plugin to the latest available version at least 1.9.5...

WordPress All In One WP Security plugin <= 4.4.10 - Authenticated Arbitrary Redirect / Reflected XSS vulnerability

Authenticated Arbitrary Redirect / Reflected XSS vulnerability discovered by JrXnm in WordPress All In One WP Security plugin versions = 4.4.10. Solution Update the WordPress All In One WP Security plugin to the latest available version at least 4.4.11...

WordPress Conversios.io plugin <= 4.6.1 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability discovered by JrXnm in WordPress Conversios.io plugin versions = 4.6.1. Solution Update the WordPress Conversios.io plugin to the latest available version at least 4.6.2...

WordPress Database Backup for WordPress plugin <= 2.5 - SQL Injection (SQL) vulnerability

SQL Injection SQL vulnerability discovered by JrXnm in WordPress Database Backup for WordPress plugin versions = 2.5. Solution Update the WordPress Database Backup for WordPress plugin to the latest available version at least 2.5.1...

WordPress Advanced Database Cleaner plugin <= 3.0.3 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Advanced Database Cleaner plugin versions = 3.0.3. Solution Update the WordPress Advanced Database Cleaner plugin to the latest available version at least 3.0.4...

WordPress GiveWP plugin <= 2.17.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS via Donation Forms Dashboard vulnerability discovered by JrXnm in WordPress GiveWP plugin versions = 2.17.2. Solution Update the WordPress GiveWP plugin to the latest available version at least 2.17.3...

WordPress GiveWP plugin <= 2.17.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability via Import Tool discovered by JrXnm in WordPress GiveWP plugin versions = 2.17.2. Solution Update the WordPress GiveWP plugin to the latest available version at least 2.17.3...

WordPress Asset CleanUp plugin <= 1.3.8.4 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Asset CleanUp plugin versions = 1.3.8.4. Solution Update the WordPress Asset CleanUp plugin to the latest available version at least 1.3.8.5...

WordPress UpdraftPlus plugin <= 1.16.66 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress UpdraftPlus plugin versions = 1.16.66. Solution Update the WordPress UpdraftPlus plugin to the latest available version at least 1.16.69...

WordPress WP Extra File Types plugin <= 0.5 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by JrXnm in WordPress WP Extra File Types plugin versions = 0.5. Solution Update the WordPress WP Extra File Types plugin to the latest available version at least 0.5.1...

WordPress Easy Forms for Mailchimp plugin <= 6.8.5 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Easy Forms for Mailchimp plugin versions = 6.8.5. Solution Update the WordPress Easy Forms for Mailchimp plugin to the latest available version at least 6.8.6...

WordPress Paid Memberships Pro plugin <= 2.6.5 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Paid Memberships Pro plugin versions = 2.6.5. Solution Update the WordPress Paid Memberships Pro plugin to the latest available version at least 2.6.6...

WordPress Ni WooCommerce Custom Order Status plugin <= 1.9.6 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability discovered by JrXnm in WordPress Ni WooCommerce Custom Order Status plugin versions = 1.9.6. Solution Update the WordPress Ni WooCommerce Custom Order Status plugin to the latest available version at least 1.9.7...

WordPress Blog2Social plugin <= 6.8.6 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Blog2Social plugin versions = 6.8.6. Solution Update the WordPress Blog2Social plugin to the latest available version at least 6.8.7...

WordPress Everest Forms plugin <= 1.7.9 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Everest Forms plugin versions = 1.7.9. Solution Update the WordPress Everest Forms plugin to the latest available version at least 1.8.0...

WordPress Pixel Cat plugin <= 2.6.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Pixel Cat plugin versions = 2.6.2. Solution Update the WordPress Pixel Cat plugin to the latest available version at least 2.6.3...

WordPress Auto Featured Image (Auto Post Thumbnail) plugin <= 3.9.2 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Auto Featured Image Auto Post Thumbnail plugin versions = 3.9.2. Solution Update the WordPress Auto Featured Image Auto Post Thumbnail plugin to the latest available version at least 3.9.3...

WordPress WP Data Access plugin <= 4.3.1 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability discovered by JrXnm in WordPress WP Data Access plugin versions = 4.3.1. Solution Update the WordPress WP Data Access plugin to the latest available version at least 5.0.0...