Simple Fields
by WordPress
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-25324 | Med | 0.40 | 6.2 | 0.01 | May 17, 2026 | Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes into the wp_abspath parameter on PHP versions before 5.3.4. Attackers can supply malicious… | ||
| CVE-2013-7476 | 0.00 | — | 0.01 | Aug 14, 2019 | The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface. | |||
| CVE-2015-9302 | 0.00 | — | 0.01 | Aug 13, 2019 | The simple-fields plugin before 1.4.11 for WordPress has XSS. |
- risk 0.40cvss 6.2epss 0.01
Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes into the wp_abspath parameter on PHP versions before 5.3.4. Attackers can supply malicious…
- CVE-2013-7476Aug 14, 2019risk 0.00cvss —epss 0.01
The simple-fields plugin before 1.2 for WordPress has CSRF in the admin interface.
- CVE-2015-9302Aug 13, 2019risk 0.00cvss —epss 0.01
The simple-fields plugin before 1.4.11 for WordPress has XSS.