Segera update versi wordpress anda dan plugin!. Plugin dibawah ini yang kena efek dari vulnerable xss pada penggunaan fungsi add_query_arg() dan  remove_query_arg()

• Jetpack
• WordPress SEO
• Google Analytics by Yoast
• All In one SEO
• Gravity Forms
• Multiple Plugins from Easy Digital Downloads
• UpdraftPlus
• WP-E-Commerce
• WPTouch
• Download Monitor
• Related Posts for WordPress
• My Calendar
• P3 Profiler
• Give
• Multiple iThemes products including Builder and Exchange
• Broken-Link-Checker
• Ninja Forms

Sumber : https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html