Vulnerabilities > GET Custom Field Values Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-18 | CVE-2023-45604 | Unspecified vulnerability in GET Custom Field Values Project GET Custom Field Values Auth. | 4.8 |
| 2021-12-13 | CVE-2021-24871 | Cross-site Scripting vulnerability in GET Custom Field Values Project GET Custom Field Values The Get Custom Field Values WordPress plugin before 4.0.1 does not escape custom fields before outputting them in the page, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks | 5.4 |
| 2021-12-13 | CVE-2021-24872 | Incorrect Authorization vulnerability in GET Custom Field Values Project GET Custom Field Values The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as Contributor to access other posts metadata without validating the permissions. | 6.5 |