The wp-customer-reviews plugin before 3.0.9 for WordPress has XSS in the admin tools.

Source

The analytics-tracker plugin before 1.1.1 for WordPress has XSS via a search event.

Source

The booking-sms plugin before 1.1.0 for WordPress has XSS.

Source

The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues.

Source

The weblibrarian plugin before 3.4.8.7 for WordPress has XSS via front-end short codes.

Source

The weblibrarian plugin before 3.4.8.6 for WordPress has XSS via front-end short codes.

Source

The weblibrarian plugin before 3.4.8.5 for WordPress has XSS via front-end short codes.

Source

The shortcode-factory plugin before 1.1.1 for WordPress has XSS via add_query_arg.

Source