CVE-2024-37259
WordPress WP Extended plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through <= 2.4.7.
| CWE | CWE-79 |
| Vendor | wp extended |
| Product | the ultimate wordpress toolkit – wp extended |
| Published | Jul 22, 2024 |
| Last Updated | Apr 1, 2026 |
Stay Ahead of the Next One
Get instant alerts for wp extended the ultimate wordpress toolkit – wp extended
Be the first to know when new unknown vulnerabilities affecting wp extended the ultimate wordpress toolkit – wp extended are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
WP Extended / The Ultimate WordPress Toolkit – WP Extended
0 ≤ 2.4.7
References
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/wpextended/vulnerability/wordpress-wp-extended-plugin-2-4-7-cross-site-scripting-xss-vulnerability?_s_id=cve patchstack.com: https://patchstack.com/database/vulnerability/wpextended/wordpress-wp-extended-plugin-2-4-7-cross-site-scripting-xss-vulnerability?_s_id=cve
Credits
Yudistira Arya | Patchstack Bug Bounty Program