Vulnerabilities > Josevega
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2023-6983 | Authorization Bypass Through User-Controlled Key vulnerability in Josevega Display Custom Fields in the Frontend - Post and User Profile Fields The Display custom fields in the frontend – Post and User Profile Fields plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.1 via the vg_display_data shortcode due to missing validation on a user controlled key. | 4.3 |