Joost

**Name of the Vulnerable Software and Affected Versions** UpdraftPlus plugin versions prior to 1.9.64 **Description** The issue concerns a problem with the UpdraftPlus plugin for WordPress, where there is a potential for XSS (Cross-Site Scripting) attacks. This is due to the misuse of the `add query arg()` and `remove query arg()` functions. **Recommendations** For versions prior to 1.9.64, update to version 1.9.64 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** 2Checkout Add-on for iThemes Exchange version 1.1.0 and earlier **Description** The issue concerns a problem with the add query arg() and remove query arg() functions, which can lead to XSS. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Exchange Authorize.net Add-on for WordPress version prior to 1.1.0 **Description** The issue concerns a problem with the add query arg() and remove query arg() functions, which can lead to XSS. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Custom URL Tracking Add-on for iThemes Exchange version 1.1.0 and earlier **Description** The issue concerns a problem with Custom URL Tracking Add-on for iThemes Exchange, where there is a potential for XSS attacks. This is due to the use of `add query arg()` and `remove query arg()` functions. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Table Rate Shipping Add-on for iThemes Exchange version 1.1.0 and earlier **Description** The issue concerns a problem where an attacker can exploit the `add query arg()` and `remove query arg()` functions to perform a cross-site scripting (XSS) attack. **Recommendations** For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Builder Theme Market versions prior to 5.1.27 **Description** The issue concerns a problem with the add query arg() and remove query arg() functions, which can lead to XSS. **Recommendations** For versions prior to 5.1.27, update to version 5.1.27 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iThemes Builder Style Manager versions prior to 0.7.7 **Description** The issue concerns a problem with the add query arg() and remove query arg() functions, which can lead to XSS. **Recommendations** For versions prior to 0.7.7, update to version 0.7.7 or later to resolve the issue.