CVE-2024-9347

🗓️ 17 Oct 2024 03:32:49Reported by WordfenceType

The Ultimate WordPress Toolkit plugin <= 3.0.9 - Reflected XSS via 'wpext-export' paramete

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-9347	17 Oct 202407:26	–	circl
CNNVD	WordPress plugin The Ultimate WordPress Toolkit – WP Extended 跨站脚本漏洞	17 Oct 202400:00	–	cnnvd
Cvelist	CVE-2024-9347 The Ultimate WordPress Toolkit – WP Extended <= 3.0.9 - Reflected Cross-Site Scripting	17 Oct 202403:32	–	cvelist
EUVD	EUVD-2024-49873	3 Oct 202520:07	–	euvd
NVD	CVE-2024-9347	17 Oct 202404:15	–	nvd
Patchstack	WordPress The Ultimate WordPress Toolkit – WP Extended Plugin <= 3.0.9 is vulnerable to Cross Site Scripting (XSS)	16 Oct 202400:00	–	patchstack
Patchstack	WordPress The Ultimate WordPress Toolkit – WP Extended plugin <= 3.0.9 - Reflected Cross-Site Scripting vulnerability	16 Oct 202415:57	–	patchstack
Positive Technologies	PT-2024-39583 · WordPress · Wp Extended	16 Oct 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-9347	23 May 202508:16	–	redhatcve
Vulnrichment	CVE-2024-9347 The Ultimate WordPress Toolkit – WP Extended <= 3.0.9 - Reflected Cross-Site Scripting	17 Oct 202403:32	–	vulnrichment

NVD

Vulners

Node

wpextended wp_extendedRange<3.0.10wordpress

wpextended wp_extendedMatch3.0.11wordpress

wpextended wp_extendedMatch3.0.12wordpress

[
  {
    "vendor": "wpextended",
    "product": "The Ultimate WordPress Toolkit – WP Extended",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "3.0.9",
        "versionType": "semver"
      },
      {
        "version": "2.0.12",
        "status": "affected"
      },
      {
        "version": "3.0.11",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/browser/wpextended/tags/3.0.9/includes/libraries/wpext_export/wpext_export.php
plugins	www.plugins.trac.wordpress.org/changeset/3169963/wpextended/trunk/includes/libraries/wpext_export/wpext_export.php
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/822c0a33-e57e-48c7-b8df-fddf3bb2e552
plugins	www.plugins.trac.wordpress.org/changeset

08 Apr 2026 18:22Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.16.1

EPSS0.02427

SSVC

CWE-79