PT-2026-36299 · Passionate Brains+97 · Aeh Speed Optimization: Browser Cache+130
Asaf Mozes
·
Published
2026-05-01
·
Updated
2026-05-01
·
CVE-2024-13362
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aeh Speed Optimization: Browser Cache
Ai Bud – Ai Content Generator
Ai Puffer – Chat. Create. Automate.
Awca – The Great Analytics Insights For Your Estore
Advanced Classifieds & Directory Pro
Advanced Scrollbar – Custom Scrollbar Styling/Behavior
Aidwp – Donation & Payment Forms
The Announcement & Notification Banner – Bulletin
Anti-Spam Protection – No Api Key
Auto-Install Free Ssl – Generate & Install Free Ssl Certificates
Automatic Internal Links For Seo By Pagup
Automatic Youtube Gallery
The Better Messages – Live Chat
Blockspare — News
Blog Designer Pack – Blog
Bulk Auto Image Alt Text (Alt Tag
Bulk Edit Posts/Products In Spreadsheet
Carousel
Checkout With Cash App On Woocommerce
Code Manager
Contact Form 7 Multi-Step Forms
The Coupon Affiliates – Affiliate Plugin For Woocommerce
Custom Php Settings
Custom Woocommerce Checkout Fields Editor
Delete Posts Automatically
Disable Payment Methods Based On Cart Conditions For Woocommerce
Display Eventbrite Events
Dracula Dark Mode – Accessibility
Dynamic Copyright Year
Easy Age Verify
Easy Appointment Booking & Scheduling System – Webba Booking Calendar
Easy Social Feed – Social Photos Gallery/Post Feed For Wordpress
Eazydocs – Ai Powered Knowledge Base
Elespare – News
Embedder For Google Reviews
Events Addon For Elementor
Featured Images In Rss For Mailchimp & More
File Manager For Google Drive – Integrate Google Drive
Five-Star Ratings Shortcode
Forumax – Ai Powered Advanced Community Forum Plugin
Full Screen Background
Ga4Wp – Analytics Dashboard For The Website
Gallery By Foogallery
Geo Mashup
Glossary
Go Fetch Jobs
Goal Tracker – Custom Event Tracking For Ga4
Html5 Audio Player – The Ultimate No-Code Podcast
Image Alt Text Manager – Bulk & Dynamic Alt Tags For Image Seo Optimization + Ai
Inavii Social Feed
Independent Analytics
Internal Link Juicer: Seo Auto Linker For Wordpress
Ivory Search – Wordpress Search Plugin
Wpjoli Joli Table Of Contents
Justified Gallery
Kikote – Location Picker At Checkout & Google Address Autofill Plugin For Woocommerce
Knowledge Base Documentation & Wiki Plugin – Basepress Docs
Lightbox & Modal Popup Wordpress Plugin – Foobox
Logo Showcase – Responsive Logo Carousel
Mapgeo – Interactive Geo Maps
Mapster Wp Maps
Marijuana Age Verify
Master Addons For Elementor – Widgets
Imagemenu
Message Filter For Contact Form 7
Meta Field Block – Display Custom Fields In The Block Editor Without Coding
Mixed Media Gallery Blocks
The Music Player For Elementor – Audio Player & Podcast Player
Fm Notification Bar
Ocean Extra
Open User Map
Pdf Poster – Display Pdf Files With Custom Viewer
Pay For Post With Woocommerce
Payment Gateway For Acba Bank
Place Order Without Payment For Woocommerce
Post List Designer – Category Post
Post Smtp – Complete Email Deliverability/Smtp Solution With Email Logs
Post Slider/Post Carousel With Post Vertical Scrolling Widget – A Responsive Post Slider
Post To Google My Business
Premmerce Permalink Manager For Woocommerce
Premmerce Product Filter For Woocommerce
Primary Addon For Elementor
Product Layouts For Woocommerce
The Radio Player – Live Shoutcast
Radio Station By Netmix® – Manage/Play Your Show Schedule In Wordpress!
Remove Add To Cart Woocommerce
The Restaurant & Cafe Addon For Elementor
Restrict – Membership
Revivepress – Keep Your Old Content Evergreen
Role Based Pricing For Woo By Meow Crew
Secure Gateway For Authorize.Net/Woocommerce By Pledged Plugins
Security Ninja – Wordpress Security & Firewall
Send Users Email – Email Subscribers
Share This Image
Smart Phone Field For Gravity Forms
Solid Testimonials – Testimonial Slider
Spotlight Social Feeds – Block
Storecustomizer – A Plugin To Customize All Woocommerce Pages
Streamweasels Twitch Integration
Tablepress – Tables In Wordpress Made Easy
Tablesome Table – Contact Form Db – Wpforms
Team Members Showcase
Team Members – A Wordpress Team Plugin With Gallery
Text To Speech Tts Accessibility
Thank You Page For Woocommerce
Topnewswp – Display Tikcer News
Treepress – Easy Family Trees & Ancestor Profiles
Url Shortify – Simple/Easy Url Shortener
Ultimeter
Unlimited Elements For Elementor
Wow Styler For Cf7 – Visual Styler For Contact Form 7 Forms
Wp Books Gallery – Build Stunning Book Showcases & Libraries In Minutes
Wp Coupons/Deals – Coupon Plugin For Affiliate Marketers
Wp Data Access – App Builder For Tables
Wp Encryption – One Click Free Ssl Certificate & Ssl / Https Redirect
Wp Meta/Date Remover
Wp Mobile Menu – The Mobile-Friendly Responsive Menu
Wp Notification Bell
Wp Page Templates
Wp Post Author – Author Box
Wp Shortcodes Plugin — Shortcodes Ultimate
Wp Fail2Ban – Advanced Security
Wpbits Addons For Elementor Page Builder
Wpide – File Manager & Code Editor
Widgets On Pages
Wordpress Form Builder Plugin For Contact Forms
Xt Floating Cart For Woocommerce
Quick View For Woocommerce
Variation Swatches For Woocommerce
Yasr – Yet Another Star Rating Plugin For Wordpress
Bblocks – Essential Gutenberg Blocks & Patterns Collection