Thimo Grauerholz

**Name of the Vulnerable Software and Affected Versions** Thimo Grauerholz WP-Spreadplugin versions up to 3.8.6.1 **Description** A problematic vulnerability was found in Thimo Grauerholz WP-Spreadplugin on WordPress, affecting unknown code of the file spreadplugin.php. The manipulation of the `Spreadplugin` argument leads to cross-site scripting. The attack can be initiated remotely. **Recommendations** Upgrade to version 3.8.6.6 to address this issue. As a temporary workaround, consider restricting access to the `spreadplugin.php` file until the upgrade is applied.