Category Posts Widget

Vulnerabilities 3Slug category-postsLatest version 4.9.22WordPress.org →

Minimum safe version

4.9.20

Update to 4.9.20 or later to address 3 fixable vulnerabilities

Latest available4.9.22
Medium 4.8
2025-04-24< 4.9.20

Category Posts Widget <= 4.9.19 - Authenticated (Admin+) Stored Cross-Site Scripting

EUVDWordfenceCVE
Medium 4.8
2025-01-07< 4.9.18

WordPress Category Posts Widget Plugin < 4.9.18 is vulnerable to Cross Site Scripting (XSS)

PatchstackWordfenceCVE
Medium 4.8
2024-08-13< 4.9.17

WordPress Category Posts Widget Plugin < 4.9.17 is vulnerable to Cross Site Scripting (XSS)

PatchstackCVEWordfence