CVE-2026-8939

The CVE-2026-8939 entry concerns the WordPress plugin Search Simple Fields (

PT-2026-43535

The Search Simple Fields plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on the search simple fields options function in functions admin.php. This makes it possible for unauthenticated...

CVE-2026-4068 Add Custom Fields to Media <= 2.0.3 - Cross-Site Request Forgery to Custom Field Deletion via 'delete' Parameter

The Add Custom Fields to Media plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.3. This is due to missing nonce validation on the field deletion functionality in the admin display template. The plugin properly validates a nonce for the 'ad...

Custom Media Size entries are missing in the Print Capabilities document for version 4.0 printer drivers

Custom Media Size entries are missing in the Print Capabilities document for version 4.0 printer drivers Symptoms After you apply the December 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 or the update rollup for Windows RT, Windows 8, and Windows Server 2012,...