3 matches found
CVE-2023-6748
The Custom Field Template plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.1 via the 'cft' shortcode. This makes it possible for authenticated attackers with contributor access and above, to extract sensitive data including arbitrary...
CVE-2023-6748
The CVE-2023-6748 entry concerns the WordPress plugin Custom Field Template. Affected versions are ≤ 2.6.1, with vulnerability enabling Sensitive Information Exposure via the cft shortcode, allowing authenticated attackers with Contributor+ privileges to extract sensitive data including arbitrary...
WordPress Custom Field Template Plugin <= 2.6.1 is vulnerable to Sensitive Data Exposure
Software Custom Field Template Type Plugin Vulnerable versions = 2.6.1 Fixed in 2.6.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-6748 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1ef89c7771d0 Credits Francesco Carlucci...