VYPR

WP Custom Fields Search

by WordPress

CVEs (2)

  • CVE-2024-8364MedSep 19, 2024
    risk 0.42cvss 6.4epss 0.00

    The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcfs-preset shortcode in all versions up to, and including, 1.2.35 due to insufficient input sanitization and output escaping on user supplied attributes. This makes…

  • CVE-2022-47157MedMay 18, 2023
    risk 0.38cvss 5.9epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Don Benjamin WP Custom Fields Search plugin <= 1.2.34 versions.