Medium severity6.1NVD Advisory· Published Sep 10, 2019· Updated Jun 17, 2026
CVE-2017-18610
CVE-2017-18610
Description
The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-group-id parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/magic-fields plugindescription
- Range: <1.7.2
Patches
Vulnerability mechanics
References
2- sumofpwn.nl/advisory/2016/cross_site_scripting_in_magic_fields_1_wordpress_plugin.htmlnvdExploitPatchThird Party Advisory
- wordpress.org/plugins/magic-fields/nvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.