Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fields vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2022-2398
The WordPress Comments Fields WordPress plugin prior to 4.1 does not escape Field Error Message, which could allow high-privileged users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Najeebmedia Wordpress Comments Fields
6.1
CVSSv3
CVE-2018-1000529
Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8.
Grails Grails Fields 2.2.7
1 Github repository
5.4
CVSSv3
CVE-2020-7228
The Calculated Fields Form plugin up to and including 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input forms. These can be exploited by an authenticated user.
Codepeople Calculated Fields Form
NA
CVE-2015-3363
Cross-site request forgery (CSRF) vulnerability in the Contact Form Fields module prior to 6.x-2.3 for Drupal allows remote malicious users to hijack the authentication of administrators for requests that delete fields via unspecified vectors.
Joshics Contact Form Fields
7.5
CVSSv3
CVE-2021-20865
Advanced Custom Fields versions before 5.11 and Advanced Custom Fields Pro versions before 5.11 contain a missing authorization vulnerability in browsing database which may allow a user to browse unauthorized data via unspecified vectors.
Advancedcustomfields Advanced Custom Fields
6.5
CVSSv3
CVE-2021-20867
Advanced Custom Fields versions before 5.11 and Advanced Custom Fields Pro versions before 5.11 contain a missing authorization vulnerability in moving the field group which may allow a user to move the unauthorized field group via unspecified vectors.
Advancedcustomfields Advanced Custom Fields
4.8
CVSSv3
CVE-2022-47157
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Don Benjamin WP Custom Fields Search plugin <= 1.2.34 versions.
Webhammer Wp Custom Fields Search
5.4
CVSSv3
CVE-2023-5292
The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'acfe_form' shortcode in versions up to, and including, 0.8.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This ma...
Acfextended Advanced Custom Fields Extended
9.8
CVSSv3
CVE-2018-16281
The DEISER "Profields - Project Custom Fields" app prior to 6.0.2 for Jira has Incorrect Access Control.
Deiser Profields-project Custom Fields
5.4
CVSSv3
CVE-2022-32567
The Appfire Jira Misc Custom Fields (JMCF) app 2.4.6 for Atlassian Jira allows XSS via a crafted project name to the Add Auto Indexing Rule function.
Appfire Jira Misc Custom Fields 2.4.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »