Title: jQuery Validation Vulnerabilities Last modified: May 7, 2026 --- # jQuery Validation Vulnerabilities * Resolved [asaini](https://wordpress.org/support/users/asaini/) * (@asaini) * [1 week, 5 days ago](https://wordpress.org/support/topic/jquery-validation-vulnerabilities/) * In your module **White Label CMS** is using jQuery Validation Plugin version 1.17.0 which is affected by several security vulnerabilities, primarily related to **Regular Expression Denial of Service (ReDoS)** and **Cross-site Scripting( XSS)**. [[1](https://knowledge.informatica.com/s/article/000211372?language=en_US), [2](https://github.com/massimobonanni/AzureFunctionsSamples/issues/20)] * To secure your application, it is recommended to update to **version 1.22.1** or later. [[1](https://www.versioneye.com/NodeJS/jquery-validation/1.19.5)] * High Severity Vulnerabilities - **ReDoS (CVE-2021-21252 & CVE-2022-31147):** This version contains regular expressions used for URL and email validation that are susceptible to catastrophic backtracking. An attacker can provide a specially crafted input that causes the server or client’s CPU usage to spike, effectively freezing the application( Denial of Service). * **Fixed in:** Version 1.19.5. - **XSS (CVE-2024-52301 / CVE-2025-3573):** Vulnerabilities exist in the `showLabel()` function and how the plugin handles user-controlled placeholders in localized dictionaries. An attacker could execute arbitrary JavaScript by injecting malicious payloads into these input fields, potentially stealing user data or sessions. * **Recommendation** * If are currently using version 1.17.0, you should [upgrade the jQuery Validation Library](https://jqueryvalidation.org/) immediately. Version 1.17.0 has been flagged as having at least one high-severity vulnerability by the [NVD](https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:jqueryvalidation:jquery_validation) and [NuGet](https://www.nuget.org/packages/jQuery.Validation/1.17.0). [[1](https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:jqueryvalidation:jquery_validation), [2](https://www.nuget.org/packages/jQuery.Validation/1.17.0), [3](https://www.nuget.org/packages/jquery.validation)] Viewing 1 replies (of 1 total) * Plugin Support [VUM Support – Jhay](https://wordpress.org/support/users/jhayvum/) * (@jhayvum) * [1 week, 4 days ago](https://wordpress.org/support/topic/jquery-validation-vulnerabilities/#post-18902396) * Hello [@asaini](https://wordpress.org/support/users/asaini/), * Thanks for reporting this. We have just released a new version that patches this security issue. Viewing 1 replies (of 1 total) You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fjquery-validation-vulnerabilities%2F%3Foutput_format%3Dmd&locale=en_US) to reply to this topic. * ![](https://ps.w.org/white-label-cms/assets/icon-256x256.png?rev=1977768) * [White Label CMS](https://wordpress.org/plugins/white-label-cms/) * [Frequently Asked Questions](https://wordpress.org/plugins/white-label-cms/#faq) * [Support Threads](https://wordpress.org/support/plugin/white-label-cms/) * [Active Topics](https://wordpress.org/support/plugin/white-label-cms/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/white-label-cms/unresolved/) * [Reviews](https://wordpress.org/support/plugin/white-label-cms/reviews/) * 1 reply * 2 participants * Last reply from: [VUM Support – Jhay](https://wordpress.org/support/users/jhayvum/) * Last activity: [1 week, 4 days ago](https://wordpress.org/support/topic/jquery-validation-vulnerabilities/#post-18902396) * Status: resolved