XSS Vulnerability affects many popular WordPress plugins

Sucuri recently released an article identifying an XSS vulnerability found in many popular WordPress plugins. The functions were add_query_arg() and remove_query_arg() which are popular functions used by developers as a way to add and modify strings / URLs within WordPress. The documentation found within WordPress Codex was rather misleading and unclear which may have caused the dangerous use of these functions.

Some common plugins which have been affected:

There are sure to be many more that are not listed as Sucuri only listed from the top 300 downloaded plugins. It is highly recommended that you ensure that your WordPress platform and plugins are updated immediately.

Some other helpful hints to reduce your risk of exposure and exploitation: