Lucene search
K

4 matches found

NVD
NVD
added 2025/09/22 7:16 p.m.3 views

CVE-2025-58239

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chandrika Sista WP Category Dropdown wp-category-dropdown allows Stored XSS.This issue affects WP Category Dropdown: from n/a through = 1.9...

6.5CVSS0.00258EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/22 12:0 a.m.5 views

PT-2025-38904

Name of the Vulnerable Software and Affected Versions Chandrika Sista WP Category Dropdown versions through 1.9 Description The software contains a flaw related to improper input handling during web page creation, specifically a Stored Cross-Site Scripting issue. This allows for the injection of...

6.5CVSS5.9AI score0.00258EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/24 6:40 a.m.18 views

CVE-2024-8103 WP Category Dropdown <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Parameter

The WP Category Dropdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' parameter in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS0.00325EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/24 6:40 a.m.10 views

CVE-2024-8103 WP Category Dropdown <= 1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Parameter

The WP Category Dropdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' parameter in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS5.8AI score0.00325EPSS
Exploits0References3
Rows per page
Query Builder