cleantalk
Vulnerabilities and Security Researches

Categories Images, CVE-2026-40734

CVE, Research URL

CVE-2026-40734

Home page URL

Security reports for Categories Images

Application

Categories Images

Published on
Apr 15, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zahlan Categories Images categories-images allows DOM-Based XSS.This issue affects Categories Images: from n/a through <= 3.3.1.
Affected versions
max 3.3.2.
Status
vulnerable
Previous vulnerability researches
Integration Rede for WooCommerce (CVE-2026-0942) , Apr 16, 2026
Integration Rede for WooCommerce (CVE-2026-0939) , Apr 16, 2026
New vulnerability
Accessibly &#8211; WordPress Website Accessibility (CVE-2026-3643) , Apr 17, 2026
Barcode Scanner and Inventory manager. POS (Point of Sale) &#8211; scan barcodes &amp; create orders with barcode reader. (CVE-2026-4880) , Apr 17, 2026
OneSignal &#8211; Web Push Notifications (CVE-2026-3155) , Apr 17, 2026
Magazine Blocks – Blog Designer, Magazine &amp; Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid (CVE-2026-40728) , Apr 17, 2026
BetterDocs – Best Documentation, FAQ &amp; Knowledge Base Plugin with AI Support (CVE-2026-3875) , Apr 17, 2026