WordPress XSS Vulnerability


Due to the misuse of the add_query_arg() and remove_query_arg() functions (popular functions used by developers to modify and add query strings to URLs within WordPress), many WordPress plugins exhibit a vulnerability to Cross-site Scripting (XSS). You should login to your WordPress admin immediately and update all plugins to protect against this vulnerability.

This vulnerability currently affects the following plugins (and more):

Learn More on Sucuri’s Blog Post