{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40734", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-04-15T09:19:28.916Z", "datePublished": "2026-04-15T10:21:33.995Z", "dateUpdated": "2026-04-15T10:21:33.995Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "categories-images", "product": "Categories Images", "vendor": "Zahlan", "versions": [{"changes": [{"at": "3.3.2", "status": "unaffected"}], "lessThanOrEqual": "3.3.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "timomangcut | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-15T12:20:45.643Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zahlan Categories Images categories-images allows DOM-Based XSS.<p>This issue affects Categories Images: from n/a through <= 3.3.1.</p>"}], "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zahlan Categories Images categories-images allows DOM-Based XSS.This issue affects Categories Images: from n/a through <= 3.3.1."}], "impacts": [{"capecId": "CAPEC-588", "descriptions": [{"lang": "en", "value": "DOM-Based XSS"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-15T10:21:33.995Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/categories-images/vulnerability/wordpress-categories-images-plugin-3-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "title": "WordPress Categories Images plugin <= 3.3.1 - Cross Site Scripting (XSS) vulnerability"}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zahlan Categories Images categories-images allows DOM-Based XSS.This issue affects Categories Images: from n/a through <= 3.3.1."}], "id": "CVE-2026-40734", "lastModified": "2026-04-15T11:16:35.937", "metrics": {}, "published": "2026-04-15T11:16:35.937", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/categories-images/vulnerability/wordpress-categories-images-plugin-3-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "audit@patchstack.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,3.3.1]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[3.3.2,*]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Categories Images", "source": "cna", "vendor": "Zahlan"}, "product": "categories_images", "vendor": "zahlan"}], "analysis": {"en": {"generated_at": "2026-04-15T11:52:21.561242+00:00", "value": {"mitigation_remediation": ["Upgrade the Categories Images plugin to the latest available version.", "If an immediate upgrade is not possible, restrict access to the plugin\u2019s settings and front\u2011end features for untrusted users or block the plugin in the server configuration.", "Deploy a web application firewall rule to detect and block suspicious JavaScript payloads targeting the plugin\u2019s input vectors."], "summary": {"action": "Apply Patch", "impact": "Cross\u2011Site Scripting (XSS)"}, "threat_synthesis": {"affected_systems": "The vulnerability affects all releases of the Categories Images plugin up to and including version 3.3.1. The plugin is maintained by the vendor Zahlan.", "description_and_impact": "Improper neutralization of input in the Categories Images plugin permits a DOM\u2011Based XSS flaw. An attacker can embed malicious JavaScript that executes in a victim\u2019s browser when the victim visits a page that includes the vulnerable plugin. The impact is the ability to run arbitrary scripts in the context of the site, potentially enabling data theft, session hijacking, or the delivery of further malware.", "risk_and_exploitability": "No EPSS score is available, and the vulnerability is not listed in the CISA KEV catalog. However, XSS vulnerabilities are widely exploitable through crafted URLs or input fields. The attack requires user interaction on the vulnerable site, but once executed it can compromise confidentiality, integrity, and availability of the affected WordPress installation."}}}}, "created": "2026-04-15T13:44:58.886389+00:00", "updated": "2026-04-15T14:52:59.657042+00:00", "vendors": ["wordpress", "wordpress$PRODUCT$wordpress", "zahlan", "zahlan$PRODUCT$categories_images"]}