cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9020,https://securityvulnerability.io/vulnerability/CVE-2024-9020,Stored Cross-Site Scripting Vulnerability in List Category Posts Plugin for WordPress,"The List Category Posts Plugin for WordPress, prior to version 0.90.3, is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. This issue arises because the plugin fails to properly validate and escape certain shortcode attributes when rendering pages or posts that incorporate these shortcodes. As a result, users with contributor roles or higher could exploit this flaw, executing arbitrary JavaScript code when other users view the affected content. Such attacks can lead to unauthorized actions on behalf of users or disclosure of sensitive information, underscoring the importance of updating to a secured version of the plugin.",WordPress,List Category Posts,,,0.0004299999854993075,false,false,false,true,true,false,false,2025-01-18T06:00:05.173Z,0