Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Meta Box Security Vulnerabilities

cve
cve

CVE-2019-14793

The Meta Box plugin before 4.16.3 for WordPress allows file deletion via ajax, with the wp-admin/admin-ajax.php?action=rwmb_delete_file attachment_id parameter.

6.5CVSS

6.5AI Score

0.001EPSS

2019-08-09 01:15 PM
28
cve
cve

CVE-2019-14794

The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders.

7.5CVSS

7.5AI Score

0.001EPSS

2019-08-09 02:15 PM
38
cve
cve

CVE-2023-6526

The Meta Box – WordPress Custom Fields Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode in all versions up to, and including, 5.9.2 due to insufficient input sanitization and output escaping. This makes ...

6.4CVSS

5.6AI Score

0.0004EPSS

2024-02-05 10:15 PM
48