Vulnerabilities > Webhammer > WP Custom Fields Search > 1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-19 | CVE-2024-8364 | Cross-site Scripting vulnerability in Webhammer WP Custom Fields Search The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcfs-preset shortcode in all versions up to, and including, 1.2.35 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2023-05-18 | CVE-2022-47157 | Unspecified vulnerability in Webhammer WP Custom Fields Search Auth. | 4.8 |