Wp Category Dropdown
by WordPress
Source repositories
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-58239 | Med | 0.42 | 6.5 | 0.00 | Sep 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chandrika Sista WP Category Dropdown wp-category-dropdown allows Stored XSS.This issue affects WP Category Dropdown: from n/a through <= 1.9. | ||
| CVE-2024-8103 | Med | 0.35 | 6.4 | 0.00 | Sep 25, 2024 | The WP Category Dropdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' parameter in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with… |
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chandrika Sista WP Category Dropdown wp-category-dropdown allows Stored XSS.This issue affects WP Category Dropdown: from n/a through <= 1.9.
- risk 0.35cvss 6.4epss 0.00
The WP Category Dropdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'align' parameter in all versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…