The Sucuri Blog has notified users of multiple WordPress plugins that are vulnerable to Cross-site Scripting (XSS) attacks. Listed are some of the more popular plugins used in the WordPress community:
The nature of this vulnerability makes it difficult to patch completely/comprehensively because so many plugins use the functions listed as being misused.
We highly recommend logging into your WordPress Dashboard and updating any plugins that have available updates.
If you have any questions or concerns, please contact our help desk by submitting a ticket via your https://my.pressable.com panel.
Pressable Status Blog 