- Published on
-
Apr 28, 2026
- Research Description
-
Animation and interaction plugins operate on a sensitive boundary between front-end rendering, visual builder controls, Gutenberg block behavior, Elementor widget configuration, and client-side JavaScript execution. These plugins often modify how content appears, moves, loads, transitions between pages, and reacts to scrolling or user interaction. A weakness in this class of plugin can lead to stored XSS through animation settings, unsafe rendering of visual effects, unauthorized modification of design behavior, CSRF against administrators, or broken front-end integrity when dynamic animation data is injected into markup or scripts. UiCore Animate – Free Animations, Transitions, and Interactions Addon for Elementor & Gutenberg blocks version 2.2.4 has successfully completed the CleanTalk Plugin Security Certification process and received PSC-2026-64651, confirming that the plugin was reviewed from a secure code perspective with attention to the most common exploitation paths for animation, transition, visual builder, and block-enhancement plugins.
- Affected versions
-
Min 2.2.4,
max 2.2.4.
Plugin Security Certification
Join the community of developers who prioritize security. Highlight your plugin in the WordPress catalog.
Get Plugin Security Certificate
| New vulnerability |
|
Booking Package
(CVE-2026-4911)
, Apr 29, 2026
|
|
Templately – Gutenberg & Elementor Template Library: 5000+ Free & Pro Ready Templates & Cloud!
(CVE-2026-42379)
, Apr 28, 2026
|
|
WPIDE – File Manager & Code Editor
, Apr 28, 2026
|
|
UiCore Animate
, Apr 28, 2026
|
|
WP Booking Calendar
, Apr 28, 2026
|