Vulnerabilities > Display Post Metadata Project > Display Post Metadata > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-13 | CVE-2021-24855 | Cross-site Scripting vulnerability in Display Post Metadata Project Display Post Metadata The Display Post Metadata WordPress plugin before 1.5.0 adds a shortcode to print out custom fields, however their content is not sanitised or escaped which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks | 3.5 |