EUVD-2024-22112

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Stored XSS vulnerability in WP Auto Listings Plugin for WordPress affects version up to 2.6.5

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2024-24713	10 Feb 202409:21	–	circl
CNNVD	WordPress Plugin Auto Listings Cross-Site Scripting Vulnerability	10 Feb 202400:00	–	cnnvd
CVE	CVE-2024-24713	10 Feb 202408:01	–	cve
Cvelist	CVE-2024-24713 WordPress Auto Listings Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)	10 Feb 202408:01	–	cvelist
NVD	CVE-2024-24713	10 Feb 202408:15	–	nvd
OSV	CVE-2024-24713	10 Feb 202408:15	–	osv
Patchstack	WordPress Auto Listings Plugin <= 2.6.5 is vulnerable to Cross Site Scripting (XSS)	31 Jan 202400:00	–	patchstack
Prion	Cross site scripting	10 Feb 202408:15	–	prion
Positive Technologies	PT-2024-20509 · WordPress · Wp Auto Listings	10 Feb 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-24713	23 May 202507:29	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "26dd5c8e-45f1-3e22-be82-add4a20ae5ef",
        "vendor": {
          "name": "WP Auto Listings"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "608af14b-17ea-3408-97da-1db0f79a0757",
        "product": {
          "name": "Auto Listings – Car Listings & Car Dealership Plugin for WordPress"
        }
      },
      {
        "id": "b00da7d0-c1a9-3bb2-a99d-6a5a2653204b",
        "product": {
          "name": "Auto Listings – Car Listings & Car Dealership Plugin for WordPress"
        },
        "product_version": "n/a ≤2.6.5"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/auto-listings/wordpress-auto-listings-plugin-2-6-5-cross-site-scripting-xss-vulnerability

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.15.4 - 6.5

EPSS0.00084

SSVC