VYPR

Meta Field Block

by Phi Phan

CVEs (1)

  • CVE-2026-3173MedMay 28, 2026
    risk 0.35cvss 6.5epss 0.00

    The Meta Field Block plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.5.1. This is due to the plugin allowing users to specify arbitrary object IDs and object types via block attributes without validating whether the…