Wpgogo Custom_field_template

9 CVEs affecting Wpgogo Custom_field_template. Latest disclosed: 2024-09-15. Critical: 0, High: 2.

Top CVEs affecting Wpgogo Custom_field_template
CVESeverityScorePublishedSummary
CVE-2022-4324High7.22023-01-02The Custom Field Template WordPress plugin before 2.5.8 unserialises the content of an imported file, which could lead to PHP object injections issues when a h…
CVE-2023-38392High7.12023-08-07Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Hiroaki Miyashita Custom Field Template plugin <= 2.5.9 versions.
CVE-2024-44062Medium6.52024-09-15Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hiroaki Miyashita Custom Field Template allows Sto…
CVE-2024-0627Medium6.42024-06-11The Custom Field Template plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's custom field name column in all versions up to, an…
CVE-2023-6745Medium6.42024-06-11The Custom Field Template plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cpt' shortcode in all versions up to, and includi…
CVE-2024-0653Medium4.42024-06-11The Custom Field Template plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.6.1 due…
CVE-2023-6748Medium4.32024-06-11The Custom Field Template plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.1 via the 'cft' shortc…
CVE-2023-22695Medium4.32023-07-10Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita Custom Field Template plugin <= 2.5.8 versions.
CVE-2020-36742Medium4.32023-07-01The Custom Field Template plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.1. This is due to missing or i…