PLUGIN SECURITY
Is Category Posts safe?
Known vulnerabilities, PHP compatibility and safer alternatives for the Category Posts WordPress plugin — checked against WP Clinic's local security database.
Plugin details
- Slug:
category-posts - Requires PHP: 5.3+
- Max supported PHP (analyzed): 8.4
Known vulnerabilities
- CVE-2024-6158 — Category Posts Widget [category-posts] < 4.9.17 (XSS) · Medium
- CVE-2024-9638 — Category Posts Widget [category-posts] < 4.9.18 (XSS) · Medium
- Category Posts Widget [category-posts] < 4.9.20 (XSS) · Medium
Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.
Safer / more established alternatives
- List category posts — 80000+ active installs — max PHP 8.4
- Media Library Assistant — 70000+ active installs — max PHP 8.4
- Pages with category and tag — 60000+ active installs — max PHP 8.4
- Tag, Category, and Taxonomy Manager – Autotagger Automatically Add Terms — 50000+ active installs — max PHP 8.4
- Search & Filter — 50000+ active installs — max PHP 8.4
Check your own WordPress site
Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.