3 matches found
CVE-2021-24824
The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1 allows authenticated users with a role as low as contributor to access arbitrary post metadata. This could lead to sensitive data disclosure, for example when used in combination with WooCommerce, the e...
CVE-2021-24825
The Custom Content Shortcode WordPress plugin before 4.0.2 does not validate the data passed to its load shortcode, which could allow Contributor+ (v < 4.0.1) or Admin+ (v
CVE-2021-24826
The Custom Content Shortcode WordPress plugin before 4.0.2 does not escape custom fields before outputting them, which could allow Contributor+ (v < 4.0.1) or Admin+ (v