3 matches found
CVE-2023-6983
The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.1 via the vgdisplaydata shortcode due to missing validation on a user controlled key. This makes it possible fo...
CVE-2023-6983
The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.1 via the vgdisplaydata shortcode due to missing validation on a user controlled key. This makes it possible fo...
CVE-2023-6983
CVE-2023-6983 affects the WordPress plugin “Display custom fields in the frontend – Post and User Profile Fields”. It is an insecure direct object reference (IDOR) in the vg_display_data shortcode caused by missing validation on a user-controlled key, enabling authenticated attackers with contrib...