Daniel Cid

**Name of the Vulnerable Software and Affected Versions** iThemes Builder Style Manager versions prior to 0.7.7 **Description** The issue concerns a problem with the add query arg() and remove query arg() functions, which can lead to XSS. **Recommendations** For versions prior to 0.7.7, update to version 0.7.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Table Rate Shipping Add-on for iThemes Exchange version 1.1.0 and earlier **Description** The issue concerns a problem where an attacker can exploit the `add query arg()` and `remove query arg()` functions to perform a cross-site scripting (XSS) attack. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Mobile version 1.2.7 and earlier **Description** The issue is related to cross-site scripting (XSS) and involves the functions add query arg() and remove query arg(). **Recommendations** For iThemes Mobile version 1.2.7 and earlier, update to version 1.2.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Builder Theme Depot versions prior to 5.0.30 **Description** The issue concerns a problem with the add query arg() and remove query arg() functions, which can lead to XSS. **Recommendations** For versions prior to 5.0.30, update to version 5.0.30 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Builder Theme Market versions prior to 5.1.27 **Description** The issue concerns a problem with the add query arg() and remove query arg() functions, which can lead to XSS. **Recommendations** For versions prior to 5.1.27, update to version 5.1.27 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Jetpack plugin for WordPress versions prior to 3.4.3 **Description** The issue concerns a problem with the Jetpack plugin for WordPress, where there is a potential for XSS (Cross-Site Scripting) attacks. This is due to the improper use of the `add query arg()` and `remove query arg()` functions. **Recommendations** For versions prior to 3.4.3, update to version 3.4.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** UpdraftPlus plugin versions prior to 1.9.64 **Description** The issue concerns a problem with the UpdraftPlus plugin for WordPress, where there is a potential for XSS (Cross-Site Scripting) attacks. This is due to the misuse of the `add query arg()` and `remove query arg()` functions. **Recommendations** For versions prior to 1.9.64, update to version 1.9.64 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Related Posts plugin versions prior to 1.8.2 **Description** The issue concerns a problem with the add query arg() and remove query arg() functions, which can lead to XSS. **Recommendations** For versions prior to 1.8.2, update to version 1.8.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Exchange versions prior to 1.12.0 **Description** The issue is related to cross-site scripting (XSS) and involves the functions add query arg() and remove query arg(). **Recommendations** For versions prior to 1.12.0, update to version 1.12.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** 2Checkout Add-on for iThemes Exchange version 1.1.0 and earlier **Description** The issue concerns a problem with the add query arg() and remove query arg() functions, which can lead to XSS. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Exchange Authorize.net Add-on for WordPress version prior to 1.1.0 **Description** The issue concerns a problem with the add query arg() and remove query arg() functions, which can lead to XSS. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Custom URL Tracking Add-on for iThemes Exchange version 1.1.0 and earlier **Description** The issue concerns a problem with Custom URL Tracking Add-on for iThemes Exchange, where there is a potential for XSS attacks. This is due to the use of `add query arg()` and `remove query arg()` functions. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Easy Canadian Sales Taxes Add-on for iThemes Exchange versions prior to 1.1.0 **Description** The issue concerns a problem with the Easy Canadian Sales Taxes Add-on for iThemes Exchange, where there is a potential for XSS (Cross-Site Scripting) attacks. This is due to the use of `add query arg()` and `remove query arg()` functions. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Exchange Easy EU Value Added (VAT) Taxes Add-on for WordPress version prior to 1.2.0 **Description** The issue concerns a problem with the Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before version 1.2.0 for WordPress. It involves XSS via the `add query arg()` and `remove query arg()` functions. **Recommendations** For versions prior to 1.2.0, update to version 1.2.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Easy US Sales Taxes Add-on for iThemes Exchange versions prior to 1.1.0 **Description** The issue concerns a problem with the Easy US Sales Taxes Add-on for iThemes Exchange, where there is a potential for XSS (Cross-Site Scripting) attacks. This is due to the use of `add query arg()` and `remove query arg()` functions. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Invoices Add-on for iThemes Exchange versions prior to 1.4.0 **Description** The issue concerns a problem with the Invoices Add-on for iThemes Exchange, where there is a potential for XSS attacks. This is due to the use of `add query arg()` and `remove query arg()` functions. **Recommendations** For versions prior to 1.4.0, update to version 1.4.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Manual Purchases Add-on for iThemes Exchange version 1.1.0 and earlier **Description** The issue concerns a problem with the Manual Purchases Add-on for iThemes Exchange before version 1.1.0 for WordPress, where there is a potential for XSS via the `add query arg()` and `remove query arg()` functions. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Membership Add-on for iThemes Exchange versions prior to 1.3.0 **Description** The issue concerns a problem with the `add query arg()` and `remove query arg()` functions, which can lead to XSS. **Recommendations** For versions prior to 1.3.0, update to version 1.3.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Exchange PayPal Pro Add-on for WordPress version prior to 1.1.0 **Description** The issue concerns a problem with the `add query arg()` and `remove query arg()` functions, which can lead to XSS. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Exchange Stripe Add-on for WordPress version 1.2.0 and earlier **Description** The issue concerns a problem with the `add query arg()` and `remove query arg()` functions, which can lead to XSS. **Recommendations** For versions prior to 1.2.0, update to version 1.2.0 or later to resolve the issue.