XSS Vulnerability Affecting Multiple WordPress Plugins | Sucuri Blog

Many popular WordPress plugins are vulnerable to Cross-site Scripting, from the misuse of the add_query_arg() and remove_query_arg() due to poor documentation.

Source: XSS Vulnerability Affecting Multiple WordPress Plugins | Sucuri Blog