Lucene search

CVE-2024-6158

🗓️ 12 Aug 2024 13:38:38Reported by [email protected]Type

Category Posts Widget WordPress plugin vulnerability allows Stored Cross-Site Scripting attack

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Vulnrichment	CVE-2024-6158 Category Posts Widget (Free < 4.9.17, Pro < 4.9.13) - Admin+ Stored XSS	9 Aug 202406:00	–	vulnrichment
RedhatCVE	CVE-2024-6158	23 May 202507:59	–	redhatcve
Cvelist	CVE-2024-6158 Category Posts Widget (Free < 4.9.17, Pro < 4.9.13) - Admin+ Stored XSS	9 Aug 202406:00	–	cvelist
CVE	CVE-2024-6158	12 Aug 202413:38	–	cve
Patchstack	WordPress Category Posts Widget Plugin < 4.9.17 is vulnerable to Cross Site Scripting (XSS)	13 Aug 202400:00	–	patchstack
Patchstack	WordPress Term And Category Based Posts Widget Plugin < 4.9.13 is vulnerable to Cross Site Scripting (XSS)	13 Aug 202400:00	–	patchstack
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (July 15, 2024 to July 21, 2024)	25 Jul 202414:49	–	wordfence

Nvd

Node

tiptoppress term_and_category_based_posts_widgetRange<4.9.13wordpress

zephyrwest category_posts_widgetRange<4.9.17wordpress

Source	Link
wpscan	www.wpscan.com/vulnerability/8adb219f-f0a6-4e87-8626-db26e300c220/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Aug 2024 13:38Current

CVSS34.8

EPSS0.00021

CWE-79