Title: XSS Vulnerability?
Last modified: August 24, 2016

---

# XSS Vulnerability?

 *  Resolved [Be Dark](https://wordpress.org/support/users/b_dark/)
 * (@b_dark)
 * [11 years ago](https://wordpress.org/support/topic/xss-vulnerability-13/)
 * [https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html](https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html)
   
   Everything ok with your plugin?
 * [https://wordpress.org/plugins/batchmove/](https://wordpress.org/plugins/batchmove/)

Viewing 1 replies (of 1 total)

 *  Plugin Author [cstoltenkamp](https://wordpress.org/support/users/cstoltenkamp/)
 * (@cstoltenkamp)
 * [10 years, 11 months ago](https://wordpress.org/support/topic/xss-vulnerability-13/#post-6053425)
 * Multiple WordPress Plugins are vulnerable to Cross-site Scripting (XSS) due to
   the misuse of the add_query_arg() and remove_query_arg() functions. These are
   popular functions used by developers to modify and add query strings to URLs 
   within WordPress.
 * **NOT USED**

Viewing 1 replies (of 1 total)

The topic ‘XSS Vulnerability?’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/batchmove.svg)
 * [Batch-Move Posts wp plugin](https://wordpress.org/plugins/batchmove/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/batchmove/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/batchmove/)
 * [Active Topics](https://wordpress.org/support/plugin/batchmove/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/batchmove/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/batchmove/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [cstoltenkamp](https://wordpress.org/support/users/cstoltenkamp/)
 * Last activity: [10 years, 11 months ago](https://wordpress.org/support/topic/xss-vulnerability-13/#post-6053425)
 * Status: resolved