- Published on
-
Apr 28, 2026
- Research Description
-
Animation and interaction plugins operate on a sensitive boundary between front-end rendering, visual builder controls, Gutenberg block behavior, Elementor widget configuration, and client-side JavaScript execution. These plugins often modify how content appears, moves, loads, transitions between pages, and reacts to scrolling or user interaction. A weakness in this class of plugin can lead to stored XSS through animation settings, unsafe rendering of visual effects, unauthorized modification of design behavior, CSRF against administrators, or broken front-end integrity when dynamic animation data is injected into markup or scripts. UiCore Animate – Free Animations, Transitions, and Interactions Addon for Elementor & Gutenberg blocks version 2.2.4 has successfully completed the CleanTalk Plugin Security Certification process and received PSC-2026-64651, confirming that the plugin was reviewed from a secure code perspective with attention to the most common exploitation paths for animation, transition, visual builder, and block-enhancement plugins.
- Affected versions
-
Min 2.2.4,
max 2.2.4.
Plugin Security Certification
Join the community of developers who prioritize security. Highlight your plugin in the WordPress catalog.
Get Plugin Security Certificate
| New vulnerability |
|
Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress
(CVE-2026-8912)
, May 20, 2026
|
|
Cookie Law Bar
(CVE-2021-47957)
, May 20, 2026
|
|
WordPress Infinite Scroll – Ajax Load More
(CVE-2026-6495)
, May 20, 2026
|
|
AI Engine
(CVE-2025-8084)
, May 20, 2026
|
|
AI Engine
(CVE-2026-8719)
, May 20, 2026
|