EUVD-2026-10096

The MDJM Event Management plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the 'customfieldscontroller' function in all versions up to, and including, 1.7.8.1. This makes it possible for unauthenticated attackers to delete arbitrary custom...

CVE-2026-1650

The MDJM Event Management plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the 'customfieldscontroller' function in all versions up to, and including, 1.7.8.1. This makes it possible for unauthenticated attackers to delete arbitrary custom...

EUVD-2024-16406

Malicious code in bioql PyPI...

CVE-2024-0613

The Delete Custom Fields plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.3.1. This is due to missing or incorrect nonce validation on the ajaxdeletefield function. This makes it possible for unauthenticated attackers to delete arbitrary pos...

WordPress plugin Delete Custom Fields 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Delete Custom Fields plugin <= 0.3.1 - Cross-Site Request Forgery to Post Meta Deletion vulnerability

Cross-Site Request Forgery to Post Meta Deletion vulnerability discovered by Francesco Carlucci in WordPress Plugin Delete Custom Fields versions = 0.3.1...