Title: Cross-Site Scripting attack
Last modified: September 27, 2022

---

# Cross-Site Scripting attack

 *  Resolved [aman789](https://wordpress.org/support/users/aman789/)
 * (@aman789)
 * [3 years, 8 months ago](https://wordpress.org/support/topic/cross-site-scripting-attack/)
 * The plugin does not escape some of its shortcode’s attributes, which could allow
   users with a role as low as a contributor to perform Stored Cross-Site Scripting
   attacks

Viewing 1 replies (of 1 total)

 *  Plugin Author [Imtiaz Rayhan](https://wordpress.org/support/users/imtiazrayhan/)
 * (@imtiazrayhan)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/cross-site-scripting-attack/#post-16149584)
 * Hi,
 * I have released an update with the fixes for the issues.
 * Please update the plugin to the latest version.
 * Kind regards.

Viewing 1 replies (of 1 total)

The topic ‘Cross-Site Scripting attack’ is closed to new replies.

 * ![](https://ps.w.org/shortcode-for-current-date/assets/icon-256x256.png?rev=2898049)
 * [Shortcode for Current Date](https://wordpress.org/plugins/shortcode-for-current-date/)
 * [Support Threads](https://wordpress.org/support/plugin/shortcode-for-current-date/)
 * [Active Topics](https://wordpress.org/support/plugin/shortcode-for-current-date/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/shortcode-for-current-date/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/shortcode-for-current-date/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [Imtiaz Rayhan](https://wordpress.org/support/users/imtiazrayhan/)
 * Last activity: [3 years, 7 months ago](https://wordpress.org/support/topic/cross-site-scripting-attack/#post-16149584)
 * Status: resolved