Zephyrwest Category Posts Widget — known CVE vulnerabilities
Every CVE whose affected-product data names Zephyrwest Category Posts Widget, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-6158 — CVSS 4.8 (medium): The Category Posts Widget WordPress plugin before 4.9.17, term-and-category-based-posts-widget WordPress plugin before 4.9.13 does not…
CVE-2024-9638 — CVSS 4.8 (medium): The Category Posts Widget WordPress plugin before 4.9.18 does not sanitise and escape some of its settings, which could allow high…
CVE-2025-1453 — CVSS 4.8 (medium): The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its settings, which could allow high…