Display Custom Fields In The Frontend - Post And User Profile Fields Security Vulnerabilities and Issues — Display Custom Fields In The Frontend - Post And User Profile Fields CVE List

Lucene search

JosevegaDisplay Custom Fields In The Frontend - Post And User Profile Fields

3 matches found

CVE•added 2024/02/05 10:15 p.m.•40 views

CVE-2023-6982

The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode and postmeta in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied ...

6.4CVSS5.2AI score0.00142EPSS

CVE•added 2024/02/05 10:15 p.m.•39 views

CVE-2023-6983

The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.1 via the vg_display_data shortcode due to missing validation on a user controlled key. This makes it possible fo...

4.3CVSS4.6AI score0.00199EPSS

CVE•added 2024/02/05 10:15 p.m.•36 views

CVE-2023-6996

The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Code Injection via the plugin's vg_display_data shortcode in all versions up to, and including, 1.2.1 due to insufficient input validation and restriction on access to that shortcode. This...

8.8CVSS8.7AI score0.00932EPSS