Custom Field Suite Security Vulnerabilities and Issues — Custom Field Suite CVE List

Lucene search

Custom Field Suite ProjectCustom Field Suite

1 matches found

CVE•added 2024/05/14 3:39 p.m.•16 views

CVE-2024-3068

The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cfs[fields][*][name]' parameter in all versions up to, and including, 2.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administ...

4.8CVSS5.7AI score0.005EPSS