Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fields vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-9419
Cross-site scripting (XSS) vulnerability in the Webhammer WP Custom Fields Search plugin 0.3.28 for WordPress allows remote malicious users to inject arbitrary JavaScript via the cs-all-0 parameter.
Webhammer Wp-custom-fields-search 0.3.28
3.5
CVSSv2
CVE-2022-32567
The Appfire Jira Misc Custom Fields (JMCF) app 2.4.6 for Atlassian Jira allows XSS via a crafted project name to the Add Auto Indexing Rule function.
Appfire Jira Misc Custom Fields 2.4.6
NA
CVE-2023-2256
The Product Addons & Fields for WooCommerce WordPress plugin prior to 32.0.7 does not sanitize and escape some URL parameters, leading to Reflected Cross-Site Scripting.
Themeisle Product Addons \\& Fields For Woocommerce
NA
CVE-2023-22676
Missing Authorization vulnerability in Anders Thorborg.This issue affects Anders Thorborg: from n/a up to and including 1.4.12.
Andersthorborg Advanced Custom Fields\\ Image Crop Add-on
6.5
CVSSv2
CVE-2021-24865
The Advanced Custom Fields: Extended WordPress plugin prior to 0.8.8.7 does not validate the order and orderby parameters before using them in a SQL statement, leading to a SQL Injection issue
Acf-extended Advanced Custom Fields\\ Extended
NA
CVE-2020-36696
The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the handle_downloads() function in versions up to, and including, 1.2.6. This makes it possible for unauthenticated malicious users to download...
Tychesoftwares Product Input Fields For Woocommerce
NA
CVE-2020-36731
The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to missing authorization checks on the updateSettin...
Wpdesk Flexible Checkout Fields For Woocommerce
NA
CVE-2022-4442
The Custom Post Types and Custom Fields creator WordPress plugin prior to 2.3.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disal...
Cozmoslabs Custom Post Types And Custom Fields Creator
NA
CVE-2022-4831
The Custom User Profile Fields for User Registration WordPress plugin prior to 1.8.1 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scrip...
Paidmembershipspro Custom User Profile Fields For User Registration
NA
CVE-2022-4888
The Checkout Fields Manager WordPress plugin prior to 1.0.2, Abandoned Cart Recovery WordPress plugin prior to 1.2.5, Custom Fields for WooCommerce WordPress plugin prior to 1.0.4, Custom Order Number WordPress plugin up to and including 1.0.1, Custom Registration Forms Builder W...
Addify Order Tracking For Woocommerce
Addify Order Approval For Woocommerce
Addify Image Watermark For Woocommerce
Addify Gift Registry For Woocommerce
Addify Advanced Free Gifts
Addify Custom Registration Forms Builder
Addify Custom Order Number
Addify Custom Fields For Woocommerce
Addify Abandoned Cart Recovery
Addify Checkout Fields Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »