Category Icon

Vulnerabilities 4Slug category-iconLatest version 1.0.3WordPress.org →

Minimum safe version

1.0.3

Update to 1.0.3 or later to address 3 fixable vulnerabilities

Latest available1.0.3 ⚠ 1 vulnerability has no fix
Medium 5.9
2025-12-25< 1.0.3

Category Icon <= 1.0.2 - Authenticated (Editor+) Stored Cross-Site Scripting

WordfenceCVE
Critical 9.1 Unfixed
2025-06-09≤ 1.0.3

WordPress Category Icon plugin <= 1.0.3 - XML External Entity (XXE) vulnerability

CVEEUVDWordfence
Medium 6.4
2024-10-14< 1.0.1

WordPress Category Icon Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

PatchstackCVEWordfence