109 matches found
CVE-2026-57687
Contributor SQL Injection in Custom Field Template = 2.7.8 versions...
CVE-2026-57687 WordPress Custom Field Template plugin <= 2.7.8 - SQL Injection vulnerability
Contributor SQL Injection in Custom Field Template = 2.7.8 versions...
CVE-2026-57687
CVE-2026-57687 concerns a SQL Injection vulnerability in the WordPress plugin Custom Field Template (versions
EUVD-2026-41296
Contributor SQL Injection in Custom Field Template = 2.7.8 versions...
WordPress Custom Field Template plugin <= 2.7.8 - SQL Injection vulnerability
SQL Injection vulnerability discovered by daroo in WordPress Plugin Custom Field Template versions = 2.7.8...
CVE-2025-68607
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Stored XSS.This issue affects Custom Field Template: from n/a through = 2.7.7...
EUVD-2025-205657
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Template: from n/a through 2.7.5...
CVE-2025-68607
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Stored XSS.This issue affects Custom Field Template: from n/a through = 2.7.7...
CVE-2025-68607 WordPress Custom Field Template plugin <= 2.7.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field Template: from n/a through 2.7.5...
CVE-2025-68607
CVE-2025-68607: Custom Field Template (WordPress) stored XSS Affected software: Custom Field Template (WordPress plugin), affected range up to version 2.7.5 (inclusive). Nature of flaw: Improper neutralization of input during web page generation leads to stored cross-site scripting (Authenticated...
CVE-2025-68607 WordPress Custom Field Template plugin <= 2.7.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Stored XSS.This issue affects Custom Field Template: from n/a through = 2.7.7...
PT-2025-53798
Name of the Vulnerable Software and Affected Versions Hiroaki Miyashita Custom Field Template versions through 2.7.5 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Stored Cross-site Scripting issue. This allows for the...
WordPress plugin Custom Field Template 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...
WordPress Custom Field Template plugin <= 2.7.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Custom Field Template versions = 2.7.7...
CVE-2025-63058
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Retrieve Embedded Sensitive Data.This issue affects Custom Field Template: from n/a through = 2.7.6...
EUVD-2025-201971
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Retrieve Embedded Sensitive Data.This issue affects Custom Field Template: from n/a through = 2.7.4...
CVE-2025-63058
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Retrieve Embedded Sensitive Data.This issue affects Custom Field Template: from n/a through = 2.7.6...
CVE-2025-63058 WordPress Custom Field Template plugin <= 2.7.6 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Retrieve Embedded Sensitive Data.This issue affects Custom Field Template: from n/a through = 2.7.6...
CVE-2025-63058 WordPress Custom Field Template plugin <= 2.7.6 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Retrieve Embedded Sensitive Data.This issue affects Custom Field Template: from n/a through = 2.7.6...
CVE-2025-63058
CVE-2025-63058 concerns the WordPress plugin “Custom Field Template” (versions up to 2.7.4). Public sources in the Connected documents identify an authenticated information exposure vulnerability: an attacker with Subscriber+ privileges can retrieve embedded sensitive data exposed by the Custom F...