Mr2p Meta Field Block – Display Custom Fields In The Block Editor Without Coding
3 CVEs affecting Mr2p Meta Field Block – Display Custom Fields In The Block Editor Without Coding. Latest disclosed: 2026-05-28. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-3173 | Medium | 6.5 | 2026-05-28 | The Meta Field Block plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.5.1. This is due to the plu… |
CVE-2026-6252 | Medium | 6.4 | 2026-05-14 | The Meta Field Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tagName' block attribute in all versions up to, and including… |
CVE-2024-13362 | Medium | 6.1 | 2026-05-01 | Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient inp… |