CVE-2024-24713

🗓️ 10 Feb 2024 08:01:02Reported by PatchstackType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 85 Views

CVE-2024-24713 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Auto Listings Auto Listings – Car Listings & Car Dealership Plugin for WordPress allows Stored XSS

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2024-24713	10 Feb 202409:21	–	circl
CNNVD	WordPress Plugin Auto Listings Cross-Site Scripting Vulnerability	10 Feb 202400:00	–	cnnvd
Cvelist	CVE-2024-24713 WordPress Auto Listings Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)	10 Feb 202408:01	–	cvelist
EUVD	EUVD-2024-22112	3 Oct 202520:07	–	euvd
NVD	CVE-2024-24713	10 Feb 202408:15	–	nvd
OSV	CVE-2024-24713	10 Feb 202408:15	–	osv
Patchstack	WordPress Auto Listings Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)	31 Jan 202400:00	–	patchstack
Prion	Cross site scripting	10 Feb 202408:15	–	prion
Positive Technologies	PT-2024-20509 · WordPress · Wp Auto Listings	10 Feb 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-24713	23 May 202507:29	–	redhatcve

NVD

Vulners

Node

wpautolistings auto_listingsRange<2.6.6wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "auto-listings",
    "product": "Auto Listings – Car Listings & Car Dealership Plugin for WordPress",
    "vendor": "WP Auto Listings",
    "versions": [
      {
        "changes": [
          {
            "at": "2.6.6",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "2.6.5",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/auto-listings/wordpress-auto-listings-plugin-2-6-5-cross-site-scripting-xss-vulnerability

28 Apr 2026 19:23Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.15.4 - 6.5

EPSS0.00084

SSVC

CWE-79