Smart Custom Fields

Source repositories

https://plugins.svn.wordpress.org/smart-custom-fields/

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2025-22308	WordPress Smart Custom Fields	Med	0.42	6.5	Jan 7, 2025	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Kitajima Smart Custom Fields smart-custom-fields allows Stored XSS.This issue affects Smart Custom Fields: from n/a through <= 5.0.0.
CVE-2026-4066	WordPress Smart Custom Fields	Med	0.28	4.3	Mar 23, 2026	The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relational_posts_search() function in all versions up to, and including, 5.0.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to read private and draft post content from other authors via the smart-cf-relational-posts-search AJAX action. The function queries posts with post_status=any and returns full WP_Post objects including post_content, but only checks the generic edit_posts capability instead of verifying whether the requesting user has permission to read each individual post.
CVE-2024-1995	WordPress Smart Custom Fields	Med	0.21	4.3	Mar 20, 2024	The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relational_posts_search() function in all versions up to, and including, 4.2.2. This makes it possible for authenticated attackers, with subscrber-level access and above, to retrieve post content that is password protected and/or private.

CVE-2025-22308MedJan 7, 2025
WordPress
Smart Custom Fields
risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Kitajima Smart Custom Fields smart-custom-fields allows Stored XSS.This issue affects Smart Custom Fields: from n/a through <= 5.0.0.
CVE-2026-4066MedMar 23, 2026
WordPress
Smart Custom Fields
risk 0.28cvss 4.3epss 0.00
The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relational_posts_search() function in all versions up to, and including, 5.0.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to read private and draft post content from other authors via the smart-cf-relational-posts-search AJAX action. The function queries posts with post_status=any and returns full WP_Post objects including post_content, but only checks the generic edit_posts capability instead of verifying whether the requesting user has permission to read each individual post.
CVE-2024-1995MedMar 20, 2024
WordPress
Smart Custom Fields
risk 0.21cvss 4.3epss 0.00
The Smart Custom Fields plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the relational_posts_search() function in all versions up to, and including, 4.2.2. This makes it possible for authenticated attackers, with subscrber-level access and above, to retrieve post content that is password protected and/or private.