cleantalk
Vulnerabilities and Security Researches

The Ultimate WordPress Toolkit – WP Extended, CVE-2024-37259

CVE, Research URL

CVE-2024-37259

Home page URL

Security reports for The Ultimate WordPress Toolkit – WP Extended

Application

The Ultimate WordPress Toolkit – WP Extended

Published on
Jul 22, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through 2.4.7.
Affected versions
Min -, max 3.0.0.
Status
vulnerable
Previous vulnerability researches
The Ultimate WordPress Toolkit – WP Extended (CVE-2024-37259) , Jul 01, 2024
The Ultimate WordPress Toolkit – WP Extended (CVE-2024-13184) , Jan 20, 2025
The Ultimate WordPress Toolkit – WP Extended (CVE-2024-11916) , Jan 09, 2025
The Ultimate WordPress Toolkit – WP Extended (CVE-2024-11816) , Jan 09, 2025
The Ultimate WordPress Toolkit – WP Extended (CVE-2025-4963) , Jun 14, 2025
New vulnerability
DIOT SCADA with MQTT (CVE-2025-4216) , Jun 16, 2025
Simple Newsletter Plugin – Noptin (CVE-2025-49871) , Jun 16, 2025
Job Board Manager (CVE-2025-49324) , Jun 16, 2025
Bitly URL Shortener (CVE-2025-30629) , Jun 16, 2025
ACF Onyx Poll (CVE-2025-5841) , Jun 16, 2025