Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
MagicfieldsMagic Fields

3 matches found

CVE
CVEadded 2019/09/10 11:28 a.m.46 views

CVE-2017-18611

The CVE refers to the WordPress plugin Magic Fields, affected versions prior to 1.7.2. An XSS vulnerability exists via the RCCWP_CreateCustomFieldPage.php; the custom-field-css parameter can inject script, potentially impacting users who load vulnerable pages. Remediation is to upgrade the Magic ...

6.1CVSS6AI score0.00293EPSS
CVE
CVEadded 2019/09/10 11:21 a.m.45 views

CVE-2017-18609

The CVE-2017-18609 entry concerns the WordPress plugin magic-fields, specifically versions before 1.7.2, which is vulnerable to cross-site scripting via the custom-write-panel-id parameter. Affected component: magic-fields plugin for WordPress. Root cause: XSS vulnerability in handling the custom...

6.1CVSS6AI score0.00345EPSS
CVE
CVEadded 2019/09/10 11:23 a.m.41 views

CVE-2017-18610

The CVE-2017-18610 issue affects the WordPress plugin “magic-fields” (before 1.7.2). The vulnerability is an XSS via the RCCWP_CreateCustomFieldPage.php custom-group-id parameter, as reported across multiple sources (Red Hat, CNVD, NVD mirrors, OSV, CVE lists). Impact described in sources is clie...

6.1CVSS6AI score0.00293EPSS